From bc54c8c31e7f50a7a365f9b4d22fe8c74a29f61a Mon Sep 17 00:00:00 2001
From: Thomas Vanbesien <tvanbesi@proton.me>
Date: Sat, 21 Mar 2026 21:35:51 +0100
Subject: Add user authentication with email verification and password reset

Implements registration, login/logout, email verification via token,
and password reset flow. Includes CSRF protection, flash messages,
MailPit for dev email testing, and security docs in README.
---
 src/app/Flash.php | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 src/app/Flash.php

(limited to 'src/app/Flash.php')

diff --git a/src/app/Flash.php b/src/app/Flash.php
new file mode 100644
index 0000000..6e8e78a
--- /dev/null
+++ b/src/app/Flash.php
@@ -0,0 +1,25 @@
+<?php
+
+declare(strict_types=1);
+// Flash messages: one-time session messages shown after a redirect.
+// Set a message before redirecting, display it on the next page load, then it's gone.
+
+namespace App;
+
+class Flash
+{
+    public static function set(string $type, string $message): void
+    {
+        $_SESSION['flash'] = ['type' => $type, 'message' => $message];
+    }
+
+    public static function get(): ?array
+    {
+        if (isset($_SESSION['flash'])) {
+            $flash = $_SESSION['flash'];
+            unset($_SESSION['flash']);
+            return $flash;
+        }
+        return null;
+    }
+}
-- 
cgit v1.2.3