63 lines
1.8 KiB
PHP
63 lines
1.8 KiB
PHP
<?php
|
|
// ================================================================
|
|
// Auth Helper
|
|
// ================================================================
|
|
require_once __DIR__ . '/../config/config.php';
|
|
|
|
if (session_status() === PHP_SESSION_NONE) {
|
|
session_name(SESSION_NAME);
|
|
session_start();
|
|
}
|
|
|
|
function isLoggedIn(): bool {
|
|
return isset($_SESSION['user_id']) && !empty($_SESSION['user_id']);
|
|
}
|
|
|
|
function requireLogin(): void {
|
|
if (!isLoggedIn()) {
|
|
header('Location: ' . BASE_URL . '/admin/login.php');
|
|
exit;
|
|
}
|
|
}
|
|
|
|
function requireAdmin(): void {
|
|
requireLogin();
|
|
if (getCurrentUser()['role'] !== 'admin') {
|
|
http_response_code(403);
|
|
die('<h2>Akses Ditolak</h2><p>Anda tidak memiliki izin untuk mengakses halaman ini.</p>');
|
|
}
|
|
}
|
|
|
|
function getCurrentUser(): ?array {
|
|
if (!isLoggedIn()) return null;
|
|
return [
|
|
'id' => $_SESSION['user_id'],
|
|
'nama' => $_SESSION['user_nama'] ?? '',
|
|
'email' => $_SESSION['user_email'] ?? '',
|
|
'role' => $_SESSION['user_role'] ?? 'operator',
|
|
];
|
|
}
|
|
|
|
function loginUser(array $user): void {
|
|
$_SESSION['user_id'] = $user['id'];
|
|
$_SESSION['user_nama'] = $user['nama'];
|
|
$_SESSION['user_email'] = $user['email'];
|
|
$_SESSION['user_role'] = $user['role'];
|
|
// Also store as array for API compatibility
|
|
$_SESSION['user'] = [
|
|
'id' => $user['id'],
|
|
'nama' => $user['nama'],
|
|
'email' => $user['email'],
|
|
'role' => $user['role'],
|
|
];
|
|
}
|
|
|
|
function logoutUser(): void {
|
|
$_SESSION = [];
|
|
if (ini_get('session.use_cookies')) {
|
|
$p = session_get_cookie_params();
|
|
setcookie(session_name(), '', time() - 42000, $p['path'], $p['domain'], $p['secure'], $p['httponly']);
|
|
}
|
|
session_destroy();
|
|
}
|