session_start();

class Auth {
    public static function login($email, $password) {
        $db = DB::connect();
        $q = $db->prepare("SELECT * FROM users WHERE email=? AND active=1");
        $q->execute([$email]);
        $user = $q->fetch();

        if ($user && password_verify($password, $user['password'])) {
            $_SESSION['user'] = $user;
            self::audit('LOGIN', 'users', $user['id']);
            return true;
        }
        return false;
    }

    public static function user() {
        return $_SESSION['user'] ?? null;
    }
}