Usually you check Userid and Password against a SQL table which contains valid UserIDs with Password. For safety reasons, do not store plain readable passwords, instead store a crypted password and compare it to the crypted password applied from the user.
Instead of the SQL table you also may use a simple textfile with valid Users and Passwords, that may run slightly slower in case of very many users, but usually it does not. There are tons of example scripts out there in the internet, simply google for "PHP loginscript". See her for example:
https://codingcyber.org/simple-login-sc ... -mysql-64/