36 lines
1.4 KiB
PHP
36 lines
1.4 KiB
PHP
<?php
|
|
session_start();
|
|
header("Content-Type: application/json; charset=UTF-8");
|
|
header("Access-Control-Allow-Methods: POST");
|
|
require_once '../koneksi.php';
|
|
|
|
$data = json_decode(file_get_contents("php://input"));
|
|
|
|
if (!empty($data->username) && !empty($data->password)) {
|
|
try {
|
|
$stmt = $conn->prepare("SELECT id, username, password, role FROM users WHERE username = :username LIMIT 1");
|
|
$stmt->bindValue(':username', $data->username);
|
|
$stmt->execute();
|
|
|
|
if($stmt->rowCount() > 0) {
|
|
$user = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
|
|
// Verifikasi hash password
|
|
if(password_verify($data->password, $user['password'])) {
|
|
$_SESSION['user_id'] = $user['id'];
|
|
$_SESSION['username'] = $user['username'];
|
|
$_SESSION['role'] = $user['role'];
|
|
echo json_encode(["pesan" => "Login Berhasil!", "user" => $user['username']]);
|
|
} else {
|
|
http_response_code(401); echo json_encode(["error" => "Password salah."]);
|
|
}
|
|
} else {
|
|
http_response_code(404); echo json_encode(["error" => "Username tidak ditemukan."]);
|
|
}
|
|
} catch(PDOException $e) {
|
|
http_response_code(500); echo json_encode(["error" => "Database Error: " . $e->getMessage()]);
|
|
}
|
|
} else {
|
|
http_response_code(400); echo json_encode(["error" => "Username dan Password wajib diisi."]);
|
|
}
|
|
?>
|