- Moved all V2 controllers (Lab, Requests, Samples, Users) to App\Controllers - Removed deprecated role controllers (Admin, Doctor, Analyst, CustomerService) - Simplified routes by removing /v2 prefix - Added AGENTS.md with project conventions and TODO.md with task tracking - Updated README.md with RBAC documentation - Fixed hardcoded dates, status color mappings, and duplicate database calls
<?php
namespace App\Controllers;
use App\Controllers\BaseController;
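/**
 * Login / logout and password-reset endpoints.
 *
 * Users are looked up in gdc_cmod.dbo.USERS by USERID; the stored PASSWORD
 * column holds a password_hash() digest and is checked with password_verify().
 */
class Auth extends BaseController {

    /**
     * USERS.USERLEVEL -> role name stored in the session.
     * Levels not listed here map to '' (no role).
     */
    private const ROLE_BY_LEVEL = [
        1 => 'admin',
        2 => 'analyst',
        3 => 'phlebotomist',
        4 => 'cs',
    ];

    /**
     * USERS.USERLEVEL -> route the user lands on after a successful login.
     * Levels not listed here fall back to 'login'.
     *
     * NOTE(review): levels 2 and 3 land on 'lab' and 'analyst' although their
     * roles are 'analyst' and 'phlebotomist'. Kept exactly as the original
     * switch had it — confirm the mapping is intended.
     */
    private const LANDING_BY_LEVEL = [
        1 => 'admin',
        2 => 'lab',
        3 => 'analyst',
        4 => 'cs',
    ];

    /**
     * Renders the login form.
     */
    public function loginPage()
    {
        return view("login");
    }

    /**
     * Verifies the posted USERID / password pair and opens a session.
     *
     * On success the session receives isLoggedIn, userid, userlevel and
     * userrole, and the user is redirected to the landing route for their
     * level. On failure a flash error is set and the user is sent back.
     *
     * @return \CodeIgniter\HTTP\RedirectResponse
     */
    public function login()
    {
        helper(['form', 'url']);
        $session = session();
        $db = \Config\Database::connect();

        // getPost() returns null when the field is absent; the string cast
        // avoids passing null to trim() (deprecated since PHP 8.1).
        $userid = strtoupper(trim((string) $this->request->getPost('userid')));
        $password = (string) $this->request->getPost('password');

        // Parameterised lookup; USERID comes straight from the request.
        $user = $db->query("SELECT * FROM gdc_cmod.dbo.USERS WHERE USERID = ?", [$userid])
            ->getRowArray();

        $storedHash = (string) ($user['PASSWORD'] ?? '');
        if ($user === null || $storedHash === '' || !password_verify($password, $storedHash)) {
            // Same message for unknown user and wrong password, so the
            // response does not reveal which USERIDs exist.
            $session->setFlashdata('error', 'USERID atau PASSWORD salah.');
            return redirect()->back();
        }

        $level = (int) $user['USERLEVEL'];

        // Issue a fresh session id before elevating the session to
        // "logged in", so an id obtained before authentication is not
        // carried over (session fixation).
        $session->regenerate();

        $session->set([
            'isLoggedIn' => true,
            'userid' => (string) $user['USERID'],
            'userlevel' => $level,
            'userrole' => (string) (self::ROLE_BY_LEVEL[$level] ?? ''),
        ]);

        return redirect()->to(self::LANDING_BY_LEVEL[$level] ?? 'login');
    }

    /**
     * Destroys the current session and returns to the login page.
     *
     * @return \CodeIgniter\HTTP\RedirectResponse
     */
    public function logout()
    {
        session()->destroy();
        return redirect()->to('login');
    }

    /**
     * Sets a new password for a user from a JSON body {userid, password}.
     *
     * NOTE(review): no authentication or authorisation check is performed in
     * this method. Unless a route filter restricts it, any caller can change
     * any user's password — confirm a filter is in place.
     *
     * @return \CodeIgniter\HTTP\ResponseInterface JSON with status/message/data
     */
    public function setPassword()
    {
        // getJSON(true) yields an array, or null when the body is not JSON.
        $input = $this->request->getJSON(true) ?? [];
        $userid = (string) ($input['userid'] ?? '');
        $password = (string) ($input['password'] ?? '');

        if ($userid === '' || $password === '') {
            return $this->response->setStatusCode(400)->setJSON([
                'status' => 'error',
                'message' => 'userid and password are required',
                'data' => $userid,
            ]);
        }

        $hash = password_hash($password, PASSWORD_DEFAULT);

        // Bound parameters instead of interpolating request values into SQL
        // (the original built the statement with "$userid" inline).
        $db = \Config\Database::connect();
        $db->query(
            "UPDATE GDC_CMOD.dbo.USERS SET PASSWORD = ? WHERE USERID = ?",
            [$hash, $userid]
        );

        if ($db->affectedRows() === 0) {
            return $this->response->setStatusCode(404)->setJSON([
                'status' => 'error',
                'message' => 'User not found',
                'data' => $userid,
            ]);
        }

        $data = ['status' => 'success', 'message' => 'Password updated successfully', 'data' => "$userid" ];
        return $this->response->setJSON($data);
    }
}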