Files
Poverty_Mapping/otak_auth/api_login.php
T

36 lines
1.4 KiB
PHP

<?php
session_start();
header("Content-Type: application/json; charset=UTF-8");
header("Access-Control-Allow-Methods: POST");
require_once '../koneksi.php';
$data = json_decode(file_get_contents("php://input"));
if (!empty($data->username) && !empty($data->password)) {
try {
$stmt = $conn->prepare("SELECT id, username, password, role FROM users WHERE username = :username LIMIT 1");
$stmt->bindValue(':username', $data->username);
$stmt->execute();
if($stmt->rowCount() > 0) {
$user = $stmt->fetch(PDO::FETCH_ASSOC);
// Verifikasi hash password
if(password_verify($data->password, $user['password'])) {
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
$_SESSION['role'] = $user['role'];
echo json_encode(["pesan" => "Login Berhasil!", "user" => $user['username']]);
} else {
http_response_code(401); echo json_encode(["error" => "Password salah."]);
}
} else {
http_response_code(404); echo json_encode(["error" => "Username tidak ditemukan."]);
}
} catch(PDOException $e) {
http_response_code(500); echo json_encode(["error" => "Database Error: " . $e->getMessage()]);
}
} else {
http_response_code(400); echo json_encode(["error" => "Username dan Password wajib diisi."]);
}
?>