Files
WebGIS-Tugas-Setiap-Pertemuan/SPBU/api/login.php
T

51 lines
1.8 KiB
PHP

<?php
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
header("Access-Control-Allow-Methods: POST");
header("Access-Control-Max-Age: 3600");
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
session_start();
require_once '../config/database.php';
$database = new Database();
$db = $database->getConnection();
$data = json_decode(file_get_contents("php://input"));
if (!empty($data->username) && !empty($data->password)) {
try {
$query = "SELECT id, username, password FROM admin WHERE username = :username LIMIT 1";
$stmt = $db->prepare($query);
$stmt->bindParam(":username", $data->username);
$stmt->execute();
if ($stmt->rowCount() > 0) {
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if (password_verify($data->password, $row['password'])) {
$_SESSION['is_admin'] = true;
$_SESSION['admin_id'] = $row['id'];
$_SESSION['admin_username'] = $row['username'];
http_response_code(200);
echo json_encode(array(
"message" => "Login berhasil",
"username" => $row['username']
));
} else {
http_response_code(401);
echo json_encode(array("message" => "Password salah"));
}
} else {
http_response_code(401);
echo json_encode(array("message" => "Username tidak ditemukan"));
}
} catch(PDOException $e) {
http_response_code(500);
echo json_encode(array("message" => "Error: " . $e->getMessage()));
}
} else {
http_response_code(400);
echo json_encode(array("message" => "Username dan password diperlukan"));
}
?>