index.php

<?php
function env(string $var, string $default) : string {
  $value = getenv($var);

  if ($value == "") {
    return $default;
  }

  return $value;
}

$valid_user = false;
$failed_login = false;

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
	
	$username = $_POST['email'];
	$password = $_POST['password'];
	
	$valid_user = ($username == env("LOGIN", "smith@matrix.org") && $password == env("PASSWORD", "trinity"));
	$failed_login = ! $valid_user;
}
?>
<!doctype html>
<html lang="en" class="h-100">
  <head>
    <!-- Required meta tags -->
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">

    <!-- Bootstrap CSS -->
    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css" 
          integrity="sha384-MCw98/SFnGE8fJT3GXwEOngsV7Zt27NXFoaoApmYm81iuXoPkFOJwJ8ERdknLPMO" crossorigin="anonymous">

    <style>
      /* Sticky footer styles
      -------------------------------------------------- */
      html {
        background-image: url('matrix.jpg');
        background-size: cover;
      }

      body {
        background: none;
      }
    </style>

    <title>Brute Force</title>
  </head>
  <body class="h-100">
    <div class="container h-100">

        <?php if (!$valid_user) : ?>
        <div class="row justify-content-center align-items-center h-100">
            <div class="col-md-8 mx-auto">
                <?php if ($failed_login) : ?>
                <div class="alert alert-danger" role="alert">
                  Bad combination of e-mail and password!
                </div>
                <?php endif ?>
            
                <div class="card" style="opacity: 0.9">
                    <div class="card-header">Login</div>

                    <div class="card-body">
                        <form method="POST" action="/">

                            <div class="form-group row">
                                <label for="email" class="col-sm-4 col-form-label text-md-right">E-mail address</label>

                                <div class="col-md-6">
                                    <input id="email" type="email" class="form-control" name="email" value="" required autofocus>
                                </div>
                            </div>

                            <div class="form-group row">
                                <label for="password" class="col-md-4 col-form-label text-md-right">Password</label>

                                <div class="col-md-6">
                                    <input id="password" type="password" class="form-control" name="password" required>

                                </div>
                            </div>


                            <div class="form-group row mb-0">
                                <div class="col-md-8 offset-md-4">
                                    <button type="submit" class="btn btn-primary">
                                        Login
                                    </button>
                                </div>
                            </div>
                        </form>

                    </div>
                </div>
            </div>
        </div>
        <?php else : ?>
        <h1>Welcome!</h1>
        
        <div class="alert alert-success" role="alert">
        Congratulations! You can use the password to validate the challenge
        </div>
        
        <?php endif ?>
    </div>

    <!-- Optional JavaScript -->
    <!-- jQuery first, then Popper.js, then Bootstrap JS -->
    <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" 
            integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" 
            crossorigin="anonymous"></script>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js" 
            integrity="sha384-ZMP7rVo3mIykV+2+9J3UJ46jBk0WLaUAdn689aCwoqbBJiSnjAK/l8WvCWPIPm49" 
            crossorigin="anonymous"></script>
    <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js" 
            integrity="sha384-ChfqqxuZUCnJSK3+MXmPNIyE6ZbWh2IMqE241rYiqJxyMiZ6OW/JmZQ5stwEULTy" 
            crossorigin="anonymous"></script>
  </body>
</html>