"OK"])); break; case "auth": $errmsg = ""; if (authenticate_user($VARS['username'], $VARS['password'], $errmsg)) { exit(json_encode(["status" => "OK", "msg" => "Login successful."])); } else { exit(json_encode(["status" => "ERROR", "msg" => "Login incorrect."])); } break; case "hastotp": if (userHasTOTP($VARS['username'])) { exit(json_encode(["status" => "OK", "otp" => true])); } else { exit(json_encode(["status" => "OK", "otp" => false])); } break; case "verifytotp": if (verifyTOTP($VARS['username'], $VARS['code'])) { exit(json_encode(["status" => "OK", "valid" => true])); } else { exit(json_encode(["status" => "ERROR", "msg" => "Authentication code incorrect.", "valid" => false])); } break; default: http_response_code(404); die(json_encode("404 Not Found: the requested action is not available.")); }