REG_IBL/one-api/application/controllers/one_mitra/Auth.php

<?php
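/**
 * Authentication endpoints of the one_mitra API: token check, login, logout
 * and password change.
 *
 * Request data is read from $this->sys_input and responses are emitted through
 * sys_ok() / sys_error() / sys_error_db(). Those helpers, together with
 * $this->isLogin, $this->sys_user, $this->one_salt and $this->SECRET_KEY, are
 * not defined in this file (presumably MY_Controller provides them - confirm).
 */
class Auth extends MY_Controller
{
    // $db_regional and $db_log are never assigned in this class; every query
    // below runs on $this->db, so errors are read from $this->db as well.
    public $db_regional;
    public $db_log;
    public $db;
    public $load;

    /**
     * Default route. The body is empty, so nothing is emitted from here.
     */
    public function index()
    {
    }

    /**
     * Runs the parent constructor; no additional setup is done in this class.
     */
    public function __construct()
    {
        parent::__construct();
    }

    /**
     * Report whether the request carries a valid token.
     *
     * Emits "Invalid Token" through sys_error() when $this->isLogin is falsy,
     * otherwise returns the current user ($this->sys_user) through sys_ok().
     */
    public function isLogin()
    {
        if (!$this->isLogin) {
            $this->sys_error("Invalid Token");
        } else {
            $this->sys_ok(array("user" => $this->sys_user));
        }
    }

    /**
     * Authenticate a username/password pair and issue a JWT.
     *
     * On success the token is stored in m_user.M_UserActiveToken, a SUCCESS
     * row is written to mitra_log.log_login and {user, token} is returned via
     * sys_ok(). On failure a FAILED row is logged and the same generic
     * "Invalid UserName / Password" message is returned for an unknown user
     * and for a wrong password.
     *
     * NOTE(review): no attempt throttling or lockout is visible in this
     * method; failed attempts are only logged.
     */
    public function login()
    {
        $prm = $this->sys_input;
        try {
            // Missing or non-scalar fields become '' so they fall through to
            // the normal "invalid credentials" path (and are still logged)
            // instead of raising undefined-index / array-to-string notices.
            $username = $this->_input_string($prm, 'username');
            $password = $this->_input_string($prm, 'password');

            // NOTE(review): salted MD5 is not a password hash. It is cheap to
            // brute-force and $this->one_salt is one value shared by every
            // account. Moving to password_hash()/password_verify() requires a
            // migration of the stored hashes, so the legacy scheme is kept.
            $sm_password = md5($this->one_salt . $password . $this->one_salt);

            $query = $this->db->query(
                "SELECT M_UserID,
                        M_UserUsername,
                        M_UserM_CompanyID,
                        M_UserM_MouID,
                        M_CompanyName as company_name,
                        M_UserS_RegionalID
                   from one_mitra.m_user
                   JOIN m_company ON M_UserM_CompanyID = M_CompanyID
                    AND M_CompanyIsActive = 'Y'
                  where M_UserUsername= ? and M_UserPassword= ?
                    and M_UserIsActive = 'Y'
                ",
                array($username, $sm_password)
            );
            if (!$query) {
                // NOTE(review): the raw driver error is handed to sys_error()
                // on an unauthenticated endpoint. If sys_error() echoes it to
                // the client, schema details leak - confirm it is only logged.
                $message = $this->db->error();
                $this->sys_error($message, $this->db);
                exit;
            }

            $rows = $query->result_array();
            if (count($rows) === 0) {
                $logged = $this->_log_login_event('LOGIN', 'FAILED', $username, $this->input->ip_address());
                if (!$logged) {
                    // The insert ran on $this->db, so its error lives there.
                    $message = $this->db->error();
                    $this->sys_error($message);
                    exit;
                }
                $this->sys_error_db("Invalid UserName / Password");
                return;
            }

            // Token payload: the selected user columns plus client IP/agent.
            // NOTE(review): no exp/iat claim is added here, so the token
            // carries no expiry of its own - confirm how the base controller
            // bounds its lifetime.
            $user = $rows[0];
            $user['ip'] = $_SERVER['REMOTE_ADDR'];
            // Clients may omit User-Agent; keep null without raising a notice.
            $user['agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
            $token = JWT::encode($user, $this->SECRET_KEY);
            $data = array(
                "user" => $user,
                "token" => $token
            );

            // The token is bound as a parameter rather than interpolated into
            // the SQL text, so the statement never depends on its content.
            $query = $this->db->query(
                "UPDATE one_mitra.m_user
                    SET M_UserIsLoggedIn = 'Y',
                        M_UserLastAccess = now(),
                        M_UserActiveToken = ?
                  WHERE M_UserID = ?
                ",
                array($token, $user['M_UserID'])
            );
            if (!$query) {
                $message = $this->db->error();
                $this->sys_error($message);
                exit;
            }

            // NOTE(review): this row records $_SERVER['REMOTE_ADDR'] while the
            // FAILED row records $this->input->ip_address(); the two can
            // differ behind a proxy. Kept as-is; consider using one source.
            $logged = $this->_log_login_event('LOGIN', 'SUCCESS', $username, $_SERVER['REMOTE_ADDR']);
            if (!$logged) {
                $message = $this->db->error();
                $this->sys_error($message);
                exit;
            }

            $this->sys_ok($data);
            exit;
        } catch (Exception $exc) {
            $message = $exc->getMessage();
            $this->sys_error($message);
        }
    }

    /**
     * End the session of the authenticated caller.
     *
     * The account is taken from the validated token ($this->sys_user), not
     * from request fields: with a client-supplied M_UserID any caller could
     * clear another user's active token and write a LOGOUT row under an
     * arbitrary username. Requests without a valid token get "Invalid Token".
     */
    public function logout()
    {
        try {
            if (!$this->isLogin) {
                $this->sys_error("Invalid Token");
                exit;
            }

            $userid = $this->sys_user['M_UserID'];
            // presumably the token payload carries M_UserUsername (login()
            // puts it there); fall back to null if it does not.
            $username = isset($this->sys_user['M_UserUsername']) ? $this->sys_user['M_UserUsername'] : null;

            $query = $this->db->query(
                "UPDATE one_mitra.m_user
                    SET M_UserIsLoggedIn = 'N', M_UserActiveToken = null
                  WHERE M_UserID = ?",
                array($userid)
            );
            if (!$query) {
                $message = $this->db->error();
                $this->sys_error($message);
                exit;
            }

            // Best effort: a failed log insert does not fail the logout.
            $this->_log_login_event('LOGOUT', 'SUCCESS', $username, $_SERVER['REMOTE_ADDR']);
            $this->sys_ok("OK");
        } catch (Exception $exc) {
            $message = $exc->getMessage();
            $this->sys_error($message);
        }
    }

    /**
     * Change the password of the authenticated user.
     *
     * Expects current_password, new_password and password_confirmation in
     * $this->sys_input. The new password must be at least 8 bytes long and
     * contain an upper-case letter, a lower-case letter and a digit. The
     * update and its audit row in mitra_log.m_user_log are written in one
     * transaction.
     *
     * NOTE(review): the success message asks the user to log in again, but
     * M_UserActiveToken is not cleared here; whether the current token keeps
     * working depends on the token check in the base controller - confirm.
     */
    public function changepassword()
    {
        try {
            // Check the token before touching $this->sys_user.
            if (!$this->isLogin) {
                echo json_encode(
                    array("status" => "ERR", "message" => "Invalid Token")
                );
                exit;
            }

            $prm = $this->sys_input;
            $userid = $this->sys_user["M_UserID"];

            // Non-string / missing fields are treated as empty, so strlen()
            // and preg_match() below always receive strings.
            $currPassword = $this->_input_string($prm, 'current_password');
            $newPassword = $this->_input_string($prm, 'new_password');
            $passwordConfirmation = $this->_input_string($prm, 'password_confirmation');

            if ($newPassword === '') {
                $this->sys_error("Silahkan isi password baru");
                exit;
            }
            if ($currPassword === '') {
                $this->sys_error("Silahkan isi password lama");
                exit;
            }
            if ($passwordConfirmation === '') {
                $this->sys_error("Silahkan isi konfirmasi password");
                exit;
            }
            // Strict comparison: loose != would compare numeric-looking
            // strings as numbers.
            if ($newPassword !== $passwordConfirmation) {
                $this->sys_error("Paswword baru dan konfirmasi password tidak sama !");
                exit;
            }

            // Password strength rules.
            if (strlen($newPassword) < 8) {
                $this->sys_error("Password minimal 8 digit");
                exit;
            }
            if (!preg_match('@[A-Z]@', $newPassword)) {
                $this->sys_error("Password minimal mengandung 1 huruf besar");
                exit;
            }
            if (!preg_match('@[a-z]@', $newPassword)) {
                $this->sys_error("Password minimal mengandung 1 huruf kecil");
                exit;
            }
            if (!preg_match('@[0-9]@', $newPassword)) {
                $this->sys_error("Password minimal mengandung 1 angka");
                exit;
            }

            // Verify the current password. Same legacy salted-MD5 scheme as
            // login(); see the NOTE(review) there.
            $sm_password = md5($this->one_salt . $currPassword . $this->one_salt);
            $query = $this->db->query(
                "select M_UserID from one_mitra.m_user where M_UserID = ? and M_UserPassword = ?",
                array($userid, $sm_password)
            );
            if (!$query) {
                echo json_encode(
                    array("status" => "ERR", "message" => "Query cek error")
                );
                exit;
            }
            if (count($query->result_array()) === 0) {
                echo json_encode(
                    array("status" => "ERR", "message" => "Invalid Password")
                );
                exit;
            }

            // Open the transaction only once the request is known to be
            // valid, so no early exit above leaves one dangling.
            $this->db->trans_begin();

            // Snapshot of the row before the change, for the audit log.
            $qry_json_before = $this->db->query(
                "SELECT *
                   FROM one_mitra.m_user
                  WHERE M_UserIsActive = 'Y'
                    AND M_UserID = ?",
                array($userid)
            );
            if (!$qry_json_before) {
                $this->db->trans_rollback();
                $this->sys_error_db("m_user select json before");
                exit;
            }
            $json_before_log = $this->_audit_snapshot($qry_json_before);

            $new_password_salt = md5($this->one_salt . $newPassword . $this->one_salt);
            $query = $this->db->query(
                "UPDATE one_mitra.m_user set
                        M_UserPassword= ?
                  where M_UserID = ?
                    AND M_UserIsActive = 'Y'",
                array($new_password_salt, $userid)
            );
            if (!$query) {
                $this->db->trans_rollback();
                echo json_encode(
                    array("status" => "ERR", "message" => "Error Change Password")
                );
                exit;
            }

            // Snapshot of the row after the change.
            $qry_json_after = $this->db->query(
                "SELECT *
                   FROM one_mitra.m_user
                  WHERE M_UserIsActive = 'Y'
                    AND M_UserID = ?",
                array($userid)
            );
            if (!$qry_json_after) {
                $this->db->trans_rollback();
                $this->sys_error_db("m_user select json after");
                exit;
            }
            $json_after_log = $this->_audit_snapshot($qry_json_after);

            // Audit row: who changed what, with both snapshots.
            $qry_insert_log = $this->db->query(
                "INSERT INTO mitra_log.m_user_log(
                    M_UserLogM_UserID,
                    M_UserLogStatus,
                    M_UserLogJSONBefore,
                    M_UserLogJSONAfter,
                    M_UserLogUserID,
                    M_UserLogCreated
                ) VALUES (
                    ?,
                    'CHANGE PASSWORD',
                    ?,
                    ?,
                    ?,
                    now()
                )",
                array(
                    $userid,
                    $json_before_log,
                    $json_after_log,
                    $userid
                )
            );
            if (!$qry_insert_log) {
                $this->db->trans_rollback();
                $this->sys_error_db("m_user insert log");
                exit;
            }

            $this->db->trans_commit();
            $this->sys_ok("Berhasil Mengubah Password silahkan login ulang");
        } catch (Exception $exc) {
            $message = $exc->getMessage();
            $this->sys_error($message);
        }
    }

    /**
     * Read one request field as a string; '' when missing or not scalar.
     */
    private function _input_string($prm, $key)
    {
        if (isset($prm[$key]) && is_scalar($prm[$key])) {
            return (string) $prm[$key];
        }
        return '';
    }

    /**
     * Insert one row into mitra_log.log_login and return the query result
     * (falsy when the insert failed).
     */
    private function _log_login_event($type, $status, $login, $ip)
    {
        return $this->db->query(
            "INSERT INTO mitra_log.log_login
                (Log_LoginDateTime,
                 Log_LoginIP,
                 Log_LoginType,
                 Log_LoginStatus,
                 Log_LoginLogin) VALUES (?,?,?,?,?)
            ",
            array(date('Y-m-d H:i:s'), $ip, $type, $status, $login)
        );
    }

    /**
     * JSON-encode the first row of an m_user result for the audit log, with
     * the password hash and the active session token masked so that neither
     * credential is copied into mitra_log.
     */
    private function _audit_snapshot($query)
    {
        $row = $query->row_array();
        if (is_array($row)) {
            foreach (array('M_UserPassword', 'M_UserActiveToken') as $secret) {
                // isset() skips NULL columns, which stay NULL in the snapshot.
                if (isset($row[$secret])) {
                    $row[$secret] = '[REDACTED]';
                }
            }
        }
        return json_encode($row);
    }
}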