prepare("SELECT id_user, name, password FROM user WHERE email=:email"); $stmt_file->bindValue(':email', $email); $stmt_file->execute(); $rows = $stmt_file->fetchAll(PDO::FETCH_ASSOC); //check if user missing if(!count($rows)) { http_response_code(404); echo 'user not found'; return; } //validate password entered if(!password_verify($password, $rows[0]['password'])) { http_response_code(403); echo 'invalid password'; return; } header('Content-Type: application/json'); //set session vars for future calls $_SESSION['id_user'] = $rows[0]['id_user']; $_SESSION['name'] = $rows[0]['name']; //make a user bundle and pass it back to the client $user = new stdClass; $user->name = $_SESSION['name']; echo json_encode($user); ?>