Code restructure push

src/api/google_validate_login.php

@@ -0,0 +1,146 @@
+<?php
+$rootPath = dirname(dirname(__DIR__));
+require_once($rootPath . "/src/config/env.php");
+require_once($rootPath . "/src/config/session.php");
+require_once($rootPath . "/src/config/connection.php");
+require_once($rootPath . "/src/config/functions.php");
+require_once($rootPath . '/google-client/vendor/autoload.php'); // Add this line for Google Client
+
+// Check if connection is established
+if (!$conn) {
+    json_encode(['status' => 'error', 'message' => 'Database connection failed.']);
+    exit();
+}
+
+// Google Client Setup
+$client = new Google_Client();
+$client->setClientId('948441222188-8qhboq2urr8o9n35mc70s5h2nhd52v0m.apps.googleusercontent.com');
+$client->setClientSecret('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');
+$client->setRedirectUri($_ENV['HOST'] . '/google_validate_login.php');
+$client->addScope("email");
+$client->addScope("profile");
+
+// Check if Google login code is set
+if (isset($_GET['code'])) {
+    $token = $client->fetchAccessTokenWithAuthCode($_GET['code']);
+    if (!isset($token["error"])) {
+        $client->setAccessToken($token['access_token']);
+        $google_oauth = new Google_Service_Oauth2($client);
+        $google_account_info = $google_oauth->userinfo->get();
+
+        // Get user info from Google
+        $email = $google_account_info->email;
+        $name = $google_account_info->name;
+        $first_name = $google_account_info->given_name;
+        $last_name = $google_account_info->family_name;
+        $picture = $google_account_info->picture;
+
+        // Check if the user exists in the database
+        $query = "SELECT * FROM users WHERE email = ?";
+        $stmt = $conn->prepare($query);
+        $stmt->bind_param("s", $email);
+        $stmt->execute();
+        $result = $stmt->get_result();
+
+        if ($result->num_rows == 0) {
+            // User does not exist, so register them
+            $password = null; // No password for Google login
+            $query = "INSERT INTO users (email, first_name, last_name, profile_pic, password, is_verified) VALUES (?, ?, ?, ?, ?, ?)";
+            $stmt = $conn->prepare($query);
+            $is_verified = 1; // Assuming Google users are considered verified
+            $stmt->bind_param("sssssi", $email, $first_name, $last_name, $picture, $password, $is_verified);
+            if ($stmt->execute()) {
+                // User successfully registered, set session and redirect
+                $_SESSION['user_id'] = $conn->insert_id;
+                $_SESSION['first_name'] = $first_name;
+                $_SESSION['profile_pic'] = $picture;
+                // echo json_encode(['status' => 'success', 'message' => 'Google login successful']);
+                header("Location: index.php");
+                exit();
+            } else {
+                // echo json_encode(['status' => 'error', 'message' => 'Failed to register user.']);
+                header("Location: index.php");
+                exit();
+            }
+        } else {
+            // User exists, set session and redirect
+            $row = $result->fetch_assoc();
+            $_SESSION['user_id'] = $row['user_id'];
+            $_SESSION['first_name'] = $row['first_name'];
+            $_SESSION['profile_pic'] = $row['profile_pic'];
+            // echo json_encode(['status' => 'success', 'message' => 'Google login successful']);
+            header("Location: index.php");
+            exit();
+        }
+
+        $stmt->close();
+    } else {
+        echo "Login failed.";
+        exit();
+    }
+}
+
+// Check if email and password login is requested
+if (isset($_POST['email']) && isset($_POST['password'])) {
+    // Retrieve and sanitize form data
+    $email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
+    $password = trim($_POST['password']); // Remove extra spaces
+
+    // Validate input
+    if (empty($email) || empty($password)) {
+        echo json_encode(['status' => 'error', 'message' => 'Please enter both email and password.']);
+        exit();
+    }
+
+    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+        echo json_encode(['status' => 'error', 'message' => 'Invalid email format.']);
+        exit();
+    }
+
+    // Prepare SQL statement to fetch user details
+    $query = "SELECT * FROM users WHERE email = ?";
+    $stmt = $conn->prepare($query);
+
+    if (!$stmt) {
+        echo json_encode(['status' => 'error', 'message' => 'Database query preparation failed.']);
+        exit();
+    }
+
+    $stmt->bind_param("s", $email);
+    $stmt->execute();
+    $result = $stmt->get_result();
+
+    // Check if user exists and verify password
+    if ($result->num_rows == 1) {
+        $row = $result->fetch_assoc();
+
+        // Check if the user is verified
+        if ($row['is_verified'] == 0) {
+            echo json_encode(['status' => 'error', 'message' => 'Your account is not verified. Please check your email for the verification link.']);
+            exit();
+        }
+
+        if (password_verify($password, $row['password'])) {
+            // Password is correct, set up session
+            $_SESSION['user_id'] = $row['user_id']; // Adjust as per your table structure
+            $_SESSION['first_name'] = $row['first_name']; // Adjust as per your table structure
+            $_SESSION['profile_pic'] = $row['profile_pic'];
+            echo json_encode(['status' => 'success', 'message' => 'Successful Login']);
+        } else {
+            // Password is incorrect
+            echo json_encode(['status' => 'error', 'message' => 'Invalid password.']);
+        }
+    } else {
+        // User does not exist
+        echo json_encode(['status' => 'error', 'message' => 'User with that email does not exist.']);
+    }
+
+    // Close the statement and connection
+    $stmt->close();
+}
+
+// Close connection
+$conn->close();
+exit();
+?>
+