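prepare(
    'SELECT id, username, password, salesID, partnerhierarchy, view, service, settings, lastlogin, userkey, language FROM users WHERE username = ?'
);
// NOTE(review): the statement above begins before this excerpt, so only its
// visible tail is reproduced; the code below relies on $stmt holding the
// prepared statement, as the original did.

// Execute the query with the username bound as a parameter (no string-built SQL).
$stmt->execute([$username]);

// Fetch the matching rows and count them in PHP. PDOStatement::rowCount() is not
// guaranteed to report the size of a SELECT result on every driver, so counting
// the fetched rows keeps the "exactly one account" rule portable.
$rows = $stmt->fetchAll();

if (count($rows) === 1) {
    $user_data = $rows[0];
    $permission = userRights($user_data['view']);
    $profile = getProfile($user_data['settings'], $permission);

    if (array_key_exists('resetkey', $user_credentials)) {
        // Password-reset request. No password is read on this path.
        // NOTE(review): this branch ends with the default status and no body, while
        // an unknown username gets 403 below, so the caller can tell the two cases
        // apart. Returning the same response for both would stop the endpoint from
        // confirming which usernames exist; confirm no client relies on the 403.

        // STEP 1.A - Create the reset key: a JWT naming the account, expiring in 30 minutes.
        $headers = ['alg' => 'HS256', 'typ' => 'JWT'];
        $payload = ['username' => $user_data['username'], 'exp' => (time() + 1800)];
        $resetkey = generate_jwt($headers, $payload);

        // STEP 1.B - Store the key on the user's row.
        // NOTE(review): the key is stored exactly as issued. Storing only a hash of
        // it would limit what a read of the users table exposes. TODO confirm how
        // the key is verified before changing this.
        $sql = 'UPDATE users SET resetkey = ? WHERE id = ?';
        $stmt = $pdo->prepare($sql);
        $stmt->execute([$resetkey, $user_data['id']]);

        // STEP 2 - Send to the user. $subject and $message are not assigned in this
        // excerpt; presumably the included template defines them (verify).
        include_once './assets/mail/email_template_reset.php';
        send_mail($user_data['username'], $subject, $message, '', '');
    } else {
        // STANDARD LOGIN
        // Read the password only here (a reset request need not carry one) and
        // require a string, so a missing or non-string value is answered with 403
        // instead of an undefined-key warning or a type error in password_verify().
        $password = $user_credentials['password'] ?? null;

        if (is_string($password) && password_verify($password, $user_data['password'])) {
            $token = createCommunicationToken($user_data['service']);

            // Only these fields are returned; the password hash is left out.
            $user = [
                'id' => $user_data['id'],
                'username' => $user_data['username'],
                'salesID' => $user_data['salesID'],
                'partnerhierarchy' => $user_data['partnerhierarchy'],
                'permission' => $permission,
                'profile' => $profile,
                'service' => $user_data['service'],
                'userkey' => $user_data['userkey'],
                'language' => $user_data['language'],
                'token' => $token,
            ];

            // Build the response payload. The original comment calls this step
            // "encrypt"; generate_payload() is defined elsewhere, so what it does
            // to the data is not visible here.
            $messages = generate_payload($user);

            // Send results. print_r() is kept from the original; it writes a string
            // unchanged. TODO confirm generate_payload() returns a string.
            print_r($messages);
        } else {
            http_response_code(403); // Not authorized
        }
    }
} else {
    // NOTE(review): password_verify() runs only for existing accounts, so response
    // time can differ between known and unknown usernames. Verifying against a
    // fixed dummy hash on this path would even that out.
    http_response_code(403); // Not authorized
}
?>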