feat: implement full authentication system and CRUD APIs for users, rumah ibadah, and penduduk miskin with database updates.
This commit is contained in:
@@ -0,0 +1,56 @@
|
||||
<?php
|
||||
if (session_status() === PHP_SESSION_NONE) {
|
||||
session_start();
|
||||
}
|
||||
|
||||
function isLoggedIn() {
|
||||
return isset($_SESSION['user_id']);
|
||||
}
|
||||
|
||||
function getCurrentUser() {
|
||||
if (!isLoggedIn()) {
|
||||
return null;
|
||||
}
|
||||
return [
|
||||
'id' => $_SESSION['user_id'],
|
||||
'username' => $_SESSION['username'],
|
||||
'role' => $_SESSION['role'],
|
||||
'ibadah_id' => $_SESSION['ibadah_id'] ? intval($_SESSION['ibadah_id']) : null
|
||||
];
|
||||
}
|
||||
|
||||
function requireLogin() {
|
||||
if (!isLoggedIn()) {
|
||||
header('HTTP/1.1 401 Unauthorized');
|
||||
echo json_encode(['status' => 'error', 'message' => 'Unauthorized: Silakan login terlebih dahulu.']);
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
function requireAdmin() {
|
||||
requireLogin();
|
||||
if ($_SESSION['role'] !== 'admin') {
|
||||
header('HTTP/1.1 403 Forbidden');
|
||||
echo json_encode(['status' => 'error', 'message' => 'Forbidden: Akses ditolak. Hanya Admin yang diizinkan.']);
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
function requireAdminOrPengelola() {
|
||||
requireLogin();
|
||||
if ($_SESSION['role'] !== 'admin' && $_SESSION['role'] !== 'pengelola') {
|
||||
header('HTTP/1.1 403 Forbidden');
|
||||
echo json_encode(['status' => 'error', 'message' => 'Forbidden: Akses ditolak.']);
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
function canManageIbadah($ibadah_id) {
|
||||
if (!isLoggedIn()) return false;
|
||||
if ($_SESSION['role'] === 'admin') return true;
|
||||
if ($_SESSION['role'] === 'pengelola') {
|
||||
return intval($_SESSION['ibadah_id']) === intval($ibadah_id);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
?>
|
||||
Reference in New Issue
Block a user