feat: implement full authentication system and CRUD APIs for users, rumah ibadah, and penduduk miskin with database updates.

This commit is contained in:
Syariffullah
2026-06-11 08:10:42 +07:00
parent 5585c34c5c
commit b77d4f6869
48 changed files with 1439 additions and 1442 deletions
+56
View File
@@ -0,0 +1,56 @@
<?php
if (session_status() === PHP_SESSION_NONE) {
session_start();
}
function isLoggedIn() {
return isset($_SESSION['user_id']);
}
function getCurrentUser() {
if (!isLoggedIn()) {
return null;
}
return [
'id' => $_SESSION['user_id'],
'username' => $_SESSION['username'],
'role' => $_SESSION['role'],
'ibadah_id' => $_SESSION['ibadah_id'] ? intval($_SESSION['ibadah_id']) : null
];
}
function requireLogin() {
if (!isLoggedIn()) {
header('HTTP/1.1 401 Unauthorized');
echo json_encode(['status' => 'error', 'message' => 'Unauthorized: Silakan login terlebih dahulu.']);
exit;
}
}
function requireAdmin() {
requireLogin();
if ($_SESSION['role'] !== 'admin') {
header('HTTP/1.1 403 Forbidden');
echo json_encode(['status' => 'error', 'message' => 'Forbidden: Akses ditolak. Hanya Admin yang diizinkan.']);
exit;
}
}
function requireAdminOrPengelola() {
requireLogin();
if ($_SESSION['role'] !== 'admin' && $_SESSION['role'] !== 'pengelola') {
header('HTTP/1.1 403 Forbidden');
echo json_encode(['status' => 'error', 'message' => 'Forbidden: Akses ditolak.']);
exit;
}
}
function canManageIbadah($ibadah_id) {
if (!isLoggedIn()) return false;
if ($_SESSION['role'] === 'admin') return true;
if ($_SESSION['role'] === 'pengelola') {
return intval($_SESSION['ibadah_id']) === intval($ibadah_id);
}
return false;
}
?>