152 lines
6.3 KiB
PHP
152 lines
6.3 KiB
PHP
<?php
|
|
require_once __DIR__ . '/config/session.php';
|
|
require_once __DIR__ . '/config/auth_check.php';
|
|
startAppSession();
|
|
|
|
if (isLoggedIn()) {
|
|
header('Location: ' . roleHome(currentRole()));
|
|
exit;
|
|
}
|
|
|
|
$error = '';
|
|
|
|
// KF-01: lockout setelah 5x percobaan gagal (jendela 15 menit)
|
|
const MAX_LOGIN_ATTEMPTS = 5;
|
|
const LOCKOUT_SECONDS = 900;
|
|
|
|
$attempts = $_SESSION['login_attempts'] ?? 0;
|
|
$lockUntil = $_SESSION['login_lock_until'] ?? 0;
|
|
$isLocked = $lockUntil > time();
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
require_once __DIR__ . '/config/db.php';
|
|
require_once __DIR__ . '/config/activity.php';
|
|
|
|
if ($isLocked) {
|
|
$sisa = (int)ceil(($lockUntil - time()) / 60);
|
|
$error = "Terlalu banyak percobaan gagal. Coba lagi dalam {$sisa} menit.";
|
|
} else {
|
|
$username = trim($_POST['username'] ?? '');
|
|
$password = $_POST['password'] ?? '';
|
|
|
|
if ($username && $password) {
|
|
$pdo = Database::getConnection();
|
|
$stmt = $pdo->prepare("SELECT * FROM users WHERE username = ? LIMIT 1");
|
|
$stmt->execute([$username]);
|
|
$user = $stmt->fetch();
|
|
|
|
if ($user && (int)$user['is_active'] !== 1) {
|
|
$error = 'Akun ini dinonaktifkan. Hubungi operator.';
|
|
} elseif ($user && password_verify($password, $user['password'])) {
|
|
// Sukses — reset counter & buat sesi
|
|
unset($_SESSION['login_attempts'], $_SESSION['login_lock_until']);
|
|
session_regenerate_id(true);
|
|
$_SESSION['user_id'] = $user['id'];
|
|
$_SESSION['username'] = $user['username'];
|
|
$_SESSION['email'] = $user['email'];
|
|
$_SESSION['role'] = $user['role'];
|
|
$_SESSION['wilayah_tugas'] = $user['wilayah_tugas'];
|
|
$_SESSION['nama_lengkap'] = $user['nama_lengkap'];
|
|
|
|
$pdo->prepare("UPDATE users SET last_login = NOW() WHERE id = ?")->execute([$user['id']]);
|
|
logActivity($pdo, 'login', null, null, 'Login berhasil');
|
|
|
|
header('Location: ' . roleHome($user['role']));
|
|
exit;
|
|
} else {
|
|
// Gagal — naikkan counter
|
|
$attempts++;
|
|
$_SESSION['login_attempts'] = $attempts;
|
|
if ($attempts >= MAX_LOGIN_ATTEMPTS) {
|
|
$_SESSION['login_lock_until'] = time() + LOCKOUT_SECONDS;
|
|
$error = 'Terlalu banyak percobaan gagal. Akun dikunci sementara 15 menit.';
|
|
} else {
|
|
$sisa = MAX_LOGIN_ATTEMPTS - $attempts;
|
|
$error = "Username atau password salah. Sisa percobaan: {$sisa}.";
|
|
}
|
|
}
|
|
} else {
|
|
$error = 'Username dan password wajib diisi.';
|
|
}
|
|
}
|
|
}
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html lang="id">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<title>Login - WebGIS Pemetaan Kemiskinan</title>
|
|
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800&display=swap" rel="stylesheet">
|
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/css/all.min.css">
|
|
<link rel="stylesheet" href="assets/css/main.css">
|
|
<link rel="stylesheet" href="assets/css/auth.css">
|
|
</head>
|
|
<body class="auth-page">
|
|
|
|
<div class="auth-center">
|
|
<div class="auth-form-wrap">
|
|
<h2 class="auth-form-title">Selamat Datang</h2>
|
|
<p class="auth-form-subtitle">Masuk ke WebGIS Pemetaan Kemiskinan Terpadu.</p>
|
|
|
|
<div style="background:#F0F9FF;border:1px solid #BAE6FD;border-radius:10px;padding:10px 12px;margin-bottom:16px;font-size:0.78rem;color:#0369A1;line-height:1.5;">
|
|
<i class="fas fa-circle-info"></i> Hak akses mengikuti akun: <strong>Operator</strong>, <strong>Pimpinan</strong>, atau <strong>Enumerator</strong>.
|
|
Masyarakat umum dapat <a href="<?= app_url('peta_publik.php') ?>" style="color:#0369A1;font-weight:700;">lihat peta publik</a> tanpa login.
|
|
</div>
|
|
|
|
<?php if ($error): ?>
|
|
<div class="auth-error">
|
|
<i class="fas fa-exclamation-circle"></i>
|
|
<?= htmlspecialchars($error) ?>
|
|
</div>
|
|
<?php endif; ?>
|
|
|
|
|
|
<form method="POST" class="auth-form">
|
|
<div class="form-group">
|
|
<label class="form-label">Username</label>
|
|
<div class="input-with-icon">
|
|
<i class="fas fa-user input-icon"></i>
|
|
<input type="text" name="username" class="form-control"
|
|
placeholder="Masukkan username"
|
|
value="<?= htmlspecialchars($_POST['username'] ?? '') ?>"
|
|
required autocomplete="username">
|
|
</div>
|
|
</div>
|
|
<div class="form-group">
|
|
<label class="form-label">Password</label>
|
|
<div class="input-with-icon">
|
|
<i class="fas fa-lock input-icon"></i>
|
|
<input type="password" name="password" class="form-control"
|
|
placeholder="Masukkan password"
|
|
required autocomplete="current-password"
|
|
id="passwordInput">
|
|
<button type="button" class="input-icon" style="right:12px;left:auto;cursor:pointer;background:none;border:none;color:var(--text-muted);" onclick="togglePass()">
|
|
<i class="fas fa-eye" id="eyeIcon"></i>
|
|
</button>
|
|
</div>
|
|
</div>
|
|
<button type="submit" class="btn btn-primary btn-login">
|
|
<i class="fas fa-sign-in-alt"></i>
|
|
Masuk ke Sistem
|
|
</button>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
|
|
<script>
|
|
function togglePass() {
|
|
const inp = document.getElementById('passwordInput');
|
|
const ico = document.getElementById('eyeIcon');
|
|
if (inp.type === 'password') {
|
|
inp.type = 'text';
|
|
ico.className = 'fas fa-eye-slash';
|
|
} else {
|
|
inp.type = 'password';
|
|
ico.className = 'fas fa-eye';
|
|
}
|
|
}
|
|
</script>
|
|
</body>
|
|
</html>
|