Files
D1041231014_ProvertyMapping/01/api/login.php
T
2026-06-07 19:10:40 +07:00

66 lines
1.8 KiB
PHP

<?php
session_start();
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type');
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
http_response_code(200);
exit();
}
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
echo json_encode(['status' => 'error', 'message' => 'Metode tidak diizinkan']);
exit();
}
require_once 'db_config.php';
$data = json_decode(file_get_contents('php://input'), true);
$username = isset($data['username']) ? trim($data['username']) : '';
$password = isset($data['password']) ? $data['password'] : '';
if (empty($username) || empty($password)) {
echo json_encode(['status' => 'error', 'message' => 'Username dan password wajib diisi']);
exit();
}
$stmt = $conn->prepare("SELECT id, username, password, nama_lengkap, role FROM users WHERE username = ?");
$stmt->bind_param('s', $username);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows === 0) {
echo json_encode(['status' => 'error', 'message' => 'Username atau password salah']);
exit();
}
$user = $result->fetch_assoc();
if (!password_verify($password, $user['password'])) {
echo json_encode(['status' => 'error', 'message' => 'Username atau password salah']);
exit();
}
// Set session
$_SESSION['gis_logged_in'] = true;
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
$_SESSION['nama_lengkap'] = $user['nama_lengkap'];
$_SESSION['role'] = $user['role'];
echo json_encode([
'status' => 'success',
'message' => 'Login berhasil',
'user' => [
'username' => $user['username'],
'nama_lengkap' => $user['nama_lengkap'],
'role' => $user['role']
]
]);
$stmt->close();
$conn->close();
?>