Login fertiggestellt im Admin Panel

admin/login.php

@@ -1,5 +1,14 @@
 <?php
+header("Content-Type: application/json");
+header("Access-Control-Allow-Origin: *");
+
 include("../../mysqlverbinden.php");
+include("../vendor/autoload.php");
+
+use Firebase\JWT\JWT;
+use Firebase\JWT\Key;
+
+include("secret.php");
 
 if(!isset($_GET["username"])) die("GET username fehlt");
 $username=$_GET["username"];
@@ -11,10 +20,15 @@ $result=mysqli_execute_query($db_id,"SELECT `password` FROM `adminpanel-users` W
 if(!isset($result["password"])) 
 		die('{"error":"Falscher Benutzername","success":false}');
 
-if($result["password"]!=$password)
+if(!password_verify($password,$result["password"]))
 		die('{"error":"Falsches Passwort","success":false}');
 
-$token="";
+$payload=[
+		"username"=>$username,
+		"expire"=>time()+3600
+];
+
+$token=JWT::encode($payload,$secret,"HS256");
 
 echo json_encode(["token"=>$token,"success"=>true],JSON_UNESCAPED_UNICODE|JSON_UNESCAPED_SLASHES);