-
This commit is contained in:
@@ -0,0 +1,36 @@
|
||||
<?php
|
||||
/**
|
||||
* auth.php — simple session-based admin auth
|
||||
*/
|
||||
|
||||
require_once __DIR__ . '/../includes/db.php';
|
||||
|
||||
session_start();
|
||||
|
||||
define('ADMIN_SESSION_KEY', 'tc_admin_auth');
|
||||
|
||||
function admin_is_logged_in(): bool {
|
||||
return !empty($_SESSION[ADMIN_SESSION_KEY]);
|
||||
}
|
||||
|
||||
function admin_require_auth(): void {
|
||||
if (!admin_is_logged_in()) {
|
||||
header('Location: login.php');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
function admin_login(string $password): bool {
|
||||
$hash = setting('admin_password');
|
||||
if (password_verify($password, $hash)) {
|
||||
session_regenerate_id(true);
|
||||
$_SESSION[ADMIN_SESSION_KEY] = true;
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
function admin_logout(): void {
|
||||
$_SESSION[ADMIN_SESSION_KEY] = false;
|
||||
session_destroy();
|
||||
}
|
||||
Reference in New Issue
Block a user