Files
2026-06-10 19:48:00 +07:00

41 lines
1.4 KiB
PHP

<?php
// api/controllers/AuthController.php
class AuthController {
public function index(): void { jsonError('Method tidak diizinkan', 405); }
public function show(string $id): void { jsonError('Method tidak diizinkan', 405); }
public function update(string $id): void { jsonError('Method tidak diizinkan', 405); }
public function destroy(string $id): void { jsonError('Method tidak diizinkan', 405); }
/** POST /api/auth — login */
public function store(): void {
$body = getBody();
$errs = required($body, ['username', 'password']);
if ($errs) jsonError(implode('; ', $errs));
$user = login(sanitize($body['username']), $body['password']);
if (!$user) jsonError('Username atau password salah', 401);
startSession();
$_SESSION['user'] = $user;
logActivity('login', 'user', $user['id']);
jsonSuccess($user, 'Login berhasil');
}
/** DELETE /api/auth/:any — logout */
public function logout(): void {
startSession();
$user = currentUser();
if ($user) logActivity('logout', 'user', $user['id']);
session_destroy();
jsonSuccess([], 'Logout berhasil');
}
/** GET /api/auth/me */
public function me(): void {
$user = currentUser();
if (!$user) jsonError('Tidak login', 401);
jsonSuccess($user);
}
}