servnest/public/auth/login.php

<?php require "../../common/html.php"; ?>

<p>Pas de compte ? <a class="auth" href="register">En créer un</a></p>

<form method="post">
	<label for="username">Identifiant</label><br>
	<input required="" minlength="4" maxlength="32" pattern="<?= USERNAME_REGEX ?>" id="username" name="username" type="text" placeholder="<?= PLACEHOLDER_USERNAME ?>">
	<br>

	<label for="password">Clé de passe</label><br>
	<input required="" autocomplete="current-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="password" name="password" type="password" placeholder="<?= PLACEHOLDER_PASSWORD ?>">
	<br>

	<input type="submit">
</form>

<?php

switchToFormProcess(requireLogin: false);

checkPasswordFormat($_POST['password']);

checkUsernameFormat($_POST['username']);

if (userExist($_POST['username']) !== true)
	userError("Connexion impossible : ce compte n'existe pas.");

if (checkPassword($_POST['username'], $_POST['password']) !== true)
	userError("Connexion impossible : clé de passe invalide.");

$_SESSION['username'] = $_POST['username'];

if (outdatedPasswordHash($_SESSION['username']))
	changePassword($_SESSION['username'], $_POST['password']);

redir();

success("Connecté·e.");