edit files
This commit is contained in:
@@ -0,0 +1,40 @@
|
||||
<?php
|
||||
// api/controllers/AuthController.php
|
||||
class AuthController {
|
||||
|
||||
public function index(): void { jsonError('Method tidak diizinkan', 405); }
|
||||
public function show(string $id): void { jsonError('Method tidak diizinkan', 405); }
|
||||
public function update(string $id): void { jsonError('Method tidak diizinkan', 405); }
|
||||
public function destroy(string $id): void { jsonError('Method tidak diizinkan', 405); }
|
||||
|
||||
/** POST /api/auth — login */
|
||||
public function store(): void {
|
||||
$body = getBody();
|
||||
$errs = required($body, ['username', 'password']);
|
||||
if ($errs) jsonError(implode('; ', $errs));
|
||||
|
||||
$user = login(sanitize($body['username']), $body['password']);
|
||||
if (!$user) jsonError('Username atau password salah', 401);
|
||||
|
||||
startSession();
|
||||
$_SESSION['user'] = $user;
|
||||
logActivity('login', 'user', $user['id']);
|
||||
jsonSuccess($user, 'Login berhasil');
|
||||
}
|
||||
|
||||
/** DELETE /api/auth/:any — logout */
|
||||
public function logout(): void {
|
||||
startSession();
|
||||
$user = currentUser();
|
||||
if ($user) logActivity('logout', 'user', $user['id']);
|
||||
session_destroy();
|
||||
jsonSuccess([], 'Logout berhasil');
|
||||
}
|
||||
|
||||
/** GET /api/auth/me */
|
||||
public function me(): void {
|
||||
$user = currentUser();
|
||||
if (!$user) jsonError('Tidak login', 401);
|
||||
jsonSuccess($user);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user