Initial commit

app/Core/Auth.php

@@ -0,0 +1,37 @@
+<?php 
+namespace App\Core;
+
+class Auth {
+    public static function login($user) {
+        session_start();
+        session_regenerate_id(true); // Prevents session hijacking
+        $_SESSION['user_id'] = $user['id'];
+        $_SESSION['user_name'] = $user['username'];
+    }
+
+    public static function check() {
+        if (session_status() === PHP_SESSION_NONE) session_start();
+        return isset($_SESSION['user_id']);
+    }
+
+    public static function user() {
+        return $_SESSION['user_name'] ?? null;
+    }
+
+    public static function logout() {
+        session_start();
+        session_destroy();
+        header('Location: /login');
+        exit;
+    }
+    public static function getBearerToken(): ?string {
+        $headers = $_SERVER['Authorization'] ?? $_SERVER['HTTP_AUTHORIZATION'] ?? null;
+        if (!$headers && function_exists('apache_request_headers')) {
+            $req = apache_request_headers();
+            $headers = $req['Authorization'] ?? $req['authorization'] ?? null;
+        }
+        return ($headers && preg_match('/Bearer\s(\S+)/', $headers, $matches)) ? $matches[1] : null;
+    }
+}
+
+ ?>