From e37bfdd291bb650ef900e13308560f441e8659cc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bruno=20Ryb=C3=A1rsky?= <bruno@brn.systems>
Date: Sat, 3 Feb 2024 17:10:54 +0100
Subject: [PATCH] debug print

---
 endpoints/global/account.php | 1 +
 lib/account.php              | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/endpoints/global/account.php b/endpoints/global/account.php
index 51da7f4..faec631 100644
--- a/endpoints/global/account.php
+++ b/endpoints/global/account.php
@@ -4,6 +4,7 @@ require_once "lib/account.php";
 
 function endpoint($endpoint_data): array
 {
+    print_r($endpoint_data);
 
     return match ($endpoint_data["action"]) {
         //not logged in start
diff --git a/lib/account.php b/lib/account.php
index e6e8c85..181b300 100644
--- a/lib/account.php
+++ b/lib/account.php
@@ -83,7 +83,7 @@ function verifyPassword($userID, $password): bool
     $stmt->fetch();
     $stmt->close();
 
-    return !empty($password_hash) && password_verify($password, $password_hash);
+    return !empty($password_hash) && !empty($password) && password_verify($password, $password_hash);
 }
 
 function doLogin($email, $password): array
@@ -108,7 +108,7 @@ function doLogin($email, $password): array
 
         if ($stmt->num_rows() > 0) {
             $stmt->fetch();
-            if (password_verify($password, $password_hash) && $privilege_level >= $routerConfig["logged_in_default_permission_level"]) {
+            if (password_verify($password, $password_hash)) {
                 $found = true;
 
                 // Update LastLoginAt and LoginCount