'error', 'message' => 'Metode tidak diizinkan']); exit(); } require_once 'db_config.php'; $data = json_decode(file_get_contents('php://input'), true); $username = isset($data['username']) ? trim($data['username']) : ''; $password = isset($data['password']) ? $data['password'] : ''; if (empty($username) || empty($password)) { echo json_encode(['status' => 'error', 'message' => 'Username dan password wajib diisi']); exit(); } $stmt = $conn->prepare("SELECT id, username, password, nama_lengkap, role FROM users WHERE username = ?"); $stmt->bind_param('s', $username); $stmt->execute(); $result = $stmt->get_result(); if ($result->num_rows === 0) { echo json_encode(['status' => 'error', 'message' => 'Username atau password salah']); exit(); } $user = $result->fetch_assoc(); if (!password_verify($password, $user['password'])) { echo json_encode(['status' => 'error', 'message' => 'Username atau password salah']); exit(); } // Set session $_SESSION['gis_logged_in'] = true; $_SESSION['user_id'] = $user['id']; $_SESSION['username'] = $user['username']; $_SESSION['nama_lengkap'] = $user['nama_lengkap']; $_SESSION['role'] = $user['role']; echo json_encode([ 'status' => 'success', 'message' => 'Login berhasil', 'user' => [ 'username' => $user['username'], 'nama_lengkap' => $user['nama_lengkap'], 'role' => $user['role'] ] ]); $stmt->close(); $conn->close(); ?>