Initial import
349
one-api/application/controllers/one_mitra/Auth.php
Normal file
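--- a/one-api/application/controllers/one_mitra/Auth.php
+++ b/one-api/application/controllers/one_mitra/Auth.php
@@ -0,0 +1,349 @@
+<?php
+class Auth extends MY_Controller
+{
+var $db_regional;
+var $db_log;
+var $db;
+var $load;
+public function index()
+{
+// echo "AUTH API";
+// $query = $this->db->query(
+// "show databases
+// ",
+// array()
+// );
+// // print_r($this->db_regional->last_query());
+// if (!$query) {
+// $message = $this->db->error();
+// $this->sys_error($message);
+// exit;
+// }
+// $rows = $query->result_array();
+// echo json_encode($rows);
+}
+public function __construct()
+{
+parent::__construct();
+
+// $this->db_regional = $this->db->query("use one_mitra");
+// $this->db_log = $this->db->query("use mitra_log");
+}
+
+function isLogin()
+{
+if (!$this->isLogin) {
+$this->sys_error("Invalid Token");
+} else {
+$prm = $this->sys_input;
+$data = array(
+"user" => $this->sys_user
+);
+$this->sys_ok($data);
+}
+}
+
+function login()
+{
+$prm = $this->sys_input;
+try {
+//existing password enc
+// print_r($prm);
+$sm_password = md5($this->one_salt . $prm["password"] . $this->one_salt);
+$query = $this->db->query(
+"SELECT M_UserID,
+M_UserUsername,
+M_UserM_CompanyID,
+M_UserM_MouID,
+M_CompanyName as company_name,
+M_UserS_RegionalID
+from one_mitra.m_user
+JOIN m_company ON M_UserM_CompanyID = M_CompanyID
+AND M_CompanyIsActive = 'Y'
+where M_UserUsername= ? and M_UserPassword= ?
+and M_UserIsActive = 'Y'
+",
+array($prm["username"], $sm_password)
+);
+// print_r($this->db_regional->last_query());
+if (!$query) {
+$message = $this->db->error();
+$this->sys_error($message, $this->db);
+exit;
+}
+$rows = $query->result_array();
+if (count($rows) > 0) {
+$user = $rows[0];
+$user['ip'] = $_SERVER['REMOTE_ADDR'];
+$user['agent'] = $_SERVER['HTTP_USER_AGENT'];
+$token = JWT::encode($user, $this->SECRET_KEY);
+$data = array(
+"user" => $user,
+"token" => $token
+);
+
+$query = $this->db->query("UPDATE one_mitra.m_user
+SET M_UserIsLoggedIn = 'Y',
+M_UserLastAccess = now(),
+M_UserActiveToken = '{$token}'
+WHERE M_UserID = ?
+", array($user['M_UserID']));
+if (!$query) {
+$message = $this->db_regional->error();
+$this->sys_error($message);
+exit;
+}
+
+$query = $this->db->query("INSERT INTO mitra_log.log_login
+(Log_LoginDateTime,
+Log_LoginIP,
+Log_LoginType,
+Log_LoginStatus,
+Log_LoginLogin) VALUES (?,?,?,?,?)
+", array(date('Y-m-d H:i:s'), $_SERVER['REMOTE_ADDR'], 'LOGIN', 'SUCCESS', $prm["username"]));
+if (!$query) {
+$message = $this->db->error();
+$this->sys_error($message);
+exit;
+}
+
+$this->sys_ok($data);
+exit;
+}
+$query = $this->db->query("INSERT INTO mitra_log.log_login
+(Log_LoginDateTime,
+Log_LoginIP,
+Log_LoginType,
+Log_LoginStatus,
+Log_LoginLogin) VALUES (?,?,?,?,?)
+", array(date('Y-m-d H:i:s'), $this->input->ip_address(), 'LOGIN', 'FAILED', $prm["username"]));
+if (!$query) {
+$message = $this->db_log->error();
+$this->sys_error($message);
+exit;
+}
+$this->sys_error_db("Invalid UserName / Password");
+} catch (Exception $exc) {
+$message = $exc->getMessage();
+$this->sys_error($message);
+}
+}
+
+function logout()
+{
+$prm = $this->sys_input;
+try {
+
+$query = $this->db->query(
+"UPDATE one_mitra.m_user
+SET M_UserIsLoggedIn = 'N', M_UserActiveToken = null
+WHERE M_UserID = ?",
+array($prm['M_UserID'])
+);
+
+if (!$query) {
+$message = $this->db_regional->error();
+$this->sys_error($message);
+exit;
+}
+
+$this->db->query("INSERT INTO mitra_log.log_login(Log_LoginDateTime,Log_LoginIP,Log_LoginType,Log_LoginStatus,Log_LoginLogin) VALUES (?,?,?,?,?)
+", array(date('Y-m-d H:i:s'), $_SERVER['REMOTE_ADDR'], 'LOGOUT', 'SUCCESS', $prm['M_UserUsername']));
+$this->sys_ok("OK");
+} catch (Exception $exc) {
+$message = $exc->getMessage();
+$this->sys_error($message);
+}
+}
+
+function changepassword()
+{
+try {
+$prm = $this->sys_input;
+$userid = $this->sys_user["M_UserID"];
+$companyID = $this->sys_user["M_UserM_CompanyID"];
+$mouID = $this->sys_user["M_UserM_MouID"];
+if (!$this->isLogin) {
+echo json_encode(
+array("status" => "ERR", "message" => "Invalid Token")
+);
+exit;
+}
+$currPassword = $prm['current_password'];
+$newPassword = $prm['new_password'];
+$passwordConfirmation = $prm['password_confirmation'];
+if (!isset($prm['new_password']) || empty($prm['new_password'])) {
+$this->sys_error("Silahkan isi password baru");
+exit;
+}
+if (!isset($prm['current_password']) || empty($prm['current_password'])) {
+$this->sys_error("Silahkan isi password lama");
+exit;
+}
+if (!isset($prm['password_confirmation']) || empty($prm['password_confirmation'])) {
+$this->sys_error("Silahkan isi konfirmasi password");
+exit;
+}
+if ($newPassword != $passwordConfirmation) {
+$this->sys_error("Paswword baru dan konfirmasi password tidak sama !");
+exit;
+}
+
+// Validate password strength
+$uppercase = preg_match('@[A-Z]@', $prm['new_password']);
+$lowercase = preg_match('@[a-z]@', $prm['new_password']);
+$number = preg_match('@[0-9]@', $prm['new_password']);
+
+if (strlen($prm['new_password']) < 8) {
+
+$this->sys_error("Password minimal 8 digit");
+
+exit;
+}
+
+if (!$uppercase) {
+$this->sys_error("Password minimal mengandung 1 huruf besar");
+exit;
+}
+
+if (!$lowercase) {
+$this->sys_error("Password minimal mengandung 1 huruf kecil");
+exit;
+}
+
+if (!$number) {
+$this->sys_error("Password minimal mengandung 1 angka");
+exit;
+}
+$sm_password = md5($this->one_salt . $currPassword . $this->one_salt);
+$query = $this->db->query(
+"select * from one_mitra.m_user where M_UserID = ? and M_UserPassword = ?",
+array($userid, $sm_password)
+);
+if (!$query) {
+echo json_encode(
+array("status" => "ERR", "message" => "Query cek error")
+);
+exit;
+}
+$this->db->trans_begin();
+// $this->db->trans_rollback();
+// $this->db->trans_commit();
+$rows = $query->result_array();
+if (count($rows) == 0) {
+echo json_encode(
+array("status" => "ERR", "message" => "Invalid Password")
+);
+exit;
+}
+$sql_json_before = "SELECT *
+FROM one_mitra.m_user
+WHERE M_UserIsActive = 'Y'
+AND M_UserID = ?";
+
+$qry_json_before = $this->db->query(
+$sql_json_before,
+[
+$userid
+]
+);
+
+if (!$qry_json_before) {
+$this->db->trans_rollback();
+$this->sys_error_db("m_user select json before");
+exit;
+}
+
+$data_before_by_id = $qry_json_before->row();
+
+$json_before_log = json_encode($data_before_by_id);
+
+$new_password_salt = md5($this->one_salt . $newPassword . $this->one_salt);
+$query = $this->db->query(
+"UPDATE one_mitra.m_user set
+M_UserPassword= ?
+where M_UserID = ?
+AND M_UserIsActive = 'Y'",
+array(
+
+$new_password_salt,
+// $userID
+$userid
+)
+);
+if (!$query) {
+$this->db->trans_rollback();
+echo json_encode(
+array("status" => "ERR", "message" => "Error Change Password")
+);
+exit;
+}
+
+// json after
+$sql_json_after = "SELECT *
+FROM one_mitra.m_user
+WHERE M_UserIsActive = 'Y'
+AND M_UserID = ?";
+
+$qry_json_after = $this->db->query(
+$sql_json_after,
+[
+// $userID
+$userid
+]
+);
+
+if (!$qry_json_after) {
+$this->db->trans_rollback();
+$this->sys_error_db("m_user select json after");
+exit;
+}
+
+$data_after_by_id = $qry_json_after->row();
+
+$json_after_log = json_encode($data_after_by_id);
+// json after
+
+// proses insert log start
+$sql_insert_log = "INSERT INTO mitra_log.m_user_log(
+M_UserLogM_UserID,
+M_UserLogStatus,
+M_UserLogJSONBefore,
+M_UserLogJSONAfter,
+M_UserLogUserID,
+M_UserLogCreated
+) VALUES (
+?,
+'CHANGE PASSWORD',
+?,
+?,
+?,
+now()
+)";
+
+$qry_insert_log = $this->db->query(
+$sql_insert_log,
+[
+$userid,
+$json_before_log,
+$json_after_log,
+$userid
+]
+);
+
+if (!$qry_insert_log) {
+$this->db->trans_rollback();
+$this->sys_error_db("m_user insert log");
+exit;
+}
+// proses insert log end
+// $this->db->trans_begin();
+// $this->db->trans_rollback();
+$this->db->trans_commit();
+$this->sys_ok("Berhasil Mengubah Password silahkan login ulang");
+} catch (Exception $exc) {
+$message = $exc->getMessage();
+$this->sys_error($message);
+}
+}
+}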
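Review bot: login() and changepassword() hash passwords as `md5($this->one_salt . $password . $this->one_salt)`, a fast digest with one application-wide salt, so a leaked m_user table can be guessed offline cheaply and identical passwords share a hash. New hashes should come from `password_hash($newPassword, PASSWORD_DEFAULT)` and be checked with `password_verify()`, keeping the MD5 form only as a fallback that is upgraded on the next successful login; the sketch below covers the login() side and assumes M_UserPassword can hold the longer hash. logout() never checks `$this->isLogin` and updates the row named by `$prm['M_UserID']`, so unless MY_Controller enforces the token elsewhere any caller can clear another account's active token; it should use `$this->sys_user['M_UserID']` after the same check isLogin() makes. Several failure branches call `$this->db_regional->error()` or `$this->db_log->error()` although neither property is assigned in this file, and changepassword() writes the whole m_user row, password hash and active token included, into mitra_log.m_user_log.

```php
// … unchanged: $prm = $this->sys_input; try { …
$query = $this->db->query(
    "SELECT M_UserID, M_UserUsername, M_UserPassword, M_UserM_CompanyID, M_UserM_MouID,
            M_CompanyName as company_name, M_UserS_RegionalID
       from one_mitra.m_user
       JOIN m_company ON M_UserM_CompanyID = M_CompanyID AND M_CompanyIsActive = 'Y'
      where M_UserUsername = ? and M_UserIsActive = 'Y'",
    array($prm["username"])
);
// … unchanged: query failure handling …
$rows = $query->result_array();
$stored = count($rows) > 0 ? (string) $rows[0]['M_UserPassword'] : '';
$legacy = md5($this->one_salt . $prm["password"] . $this->one_salt);
$valid = password_verify($prm["password"], $stored);
if (!$valid && hash_equals($stored, $legacy)) {
    // legacy MD5 row: accept it once and replace the stored hash
    $valid = true;
    $this->db->query(
        "UPDATE one_mitra.m_user SET M_UserPassword = ? WHERE M_UserID = ?",
        array(password_hash($prm["password"], PASSWORD_DEFAULT), $rows[0]['M_UserID'])
    );
}
if ($valid) {
    $user = $rows[0];
    unset($user['M_UserPassword']); // keep the hash out of the JWT payload and the response
    // … unchanged: ip/agent fields, token issue, m_user update, success log, sys_ok …
}
// … unchanged: failed-login log and sys_error_db …
```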