<?php
header("Content-Type: application/json");
header("Access-Control-Allow-Origin: *");

include("../../mysqlverbinden.php");
include("../vendor/autoload.php");

use Firebase\JWT\JWT;
use Firebase\JWT\Key;

include("secret.php");

if(!isset($_GET["username"])) die("GET username fehlt");
$username=$_GET["username"];

if(!isset($_GET["password"])) die("GET password fehlt");
$password=$_GET["password"];

$result=mysqli_execute_query($db_id,"SELECT `password` FROM `adminpanel-users` WHERE `username`=?;",[$username])->fetch_assoc();
if(!isset($result["password"])) 
		die('{"error":"Falscher Benutzername","success":false}');

if(!password_verify($password,$result["password"]))
		die('{"error":"Falsches Passwort","success":false}');

$payload=[
		"username"=>$username,
		"expire"=>time()+3600
];

$token=JWT::encode($payload,$secret,"HS256");

echo json_encode(["token"=>$token,"success"=>true],JSON_UNESCAPED_UNICODE|JSON_UNESCAPED_SLASHES);