Это вот отсюда
function loginAction() {
$username = isset($_REQUEST['username']) ? $_REQUEST['username'] : null;
$username = trim($username);
$password = isset($_REQUEST['password']) ? $_REQUEST['password'] : null;
$password = trim($password);
$userData = loginUser($username, $password);
if($userData['success']) {
$userData = $userData[0];
$_SESSION['user'] = $userData;
$_SESSION['user']['displayName'] = $userData['username'];
$resData = $_SESSION['user'];
$resData['success'] = 1;
} else {
$resData['success'] = 0;
$resData['message'] = 'Неверный логин или пароль';
}
echo json_encode($resData);
}