headScript = $headScript; } public function indexAction() { $result = new Result(0, 403, 'invalid_controller'); header('Content-Type: application/json'); return $this->redirect()->toRoute('login'); } public function loginAction(){ try { $view = new ViewModel(); $session = $this->getSession(); $token_keamanan = md5(uniqid(mt_rand(), true)); error_log('$token_keamanan: ' . $token_keamanan); if($session) { $session->put(null, array('token_keamanan' => $token_keamanan)); $message = $session->get('message'); } else { $message = 'Tidak dapat mengakses database. Mohon ulangi beberapa saat lagi.'; } $view->setVariables(array( 'message' => $message, 'token_keamanan' => $token_keamanan )); //$view->setTerminal(true); $this->layout("layout/layoutUmum"); return $view; } catch (Exception $ex) { error_log($ex->getMessage()); return $this->redirect()->toRoute('login'); } } public function authenticateAction(){ try { $uri = $this->getRequest()->getUri(); $baseurl = sprintf('//%s', $uri->getHost()); $post = $this->getRequest()->getPost(); $session = $this->getSession(); // if (strlen('' . $post['token_keamanan']) <= 0 || $post['token_keamanan'] <> $session->get('token_keamanan')) { // $message = htmlspecialchars('Token login tidak sesuai. Mohon ulangi.', ENT_QUOTES, 'UTF-8'); // $session->put(null, array('message' => $message)); // return $this->redirect()->toRoute('login'); // } $username = $post['username']; $password = $post['passwd']; $storage = \Khansia\Access\User\Storage::factory($this->getDb(), $this->getConfig()); $user = new \Khansia\Access\User($storage); if($user->load($username, \Khansia\Access\User\Storage::LOADBY_CODE)){ // sukses load then $authResult = $user->authenticate($password, null, \Khansia\Access\User::RETRIES_TRUE); if($authResult->code == $authResult::CODE_SUCCESS) { $session->owner($user->id); /* get access role */ $access = $user->loadAccess($user->id); $accessArray = array(); foreach($access->data as $data=> $val){ if($val['access_status'] == 'TRUE'){ $newStat = true; }else{ $newStat = false; } $accessArray[$val['access_code']] = $newStat; } $session->put(null, array( 'baseurl' => $baseurl, 'user_id' => $user->id, 'usernamed' => $user->username, 'passwd' => $user->password, 'name' => $user->name, 'role' => $user->role, 'status' => $user->status, 'deviceid' => $user->deviceid, 'token' => $user->token, 'retries' => $user->retries, 'create_dtm' => $user->create_dtm, 'access' => $accessArray, 'role_code' => $access->data[0]['role_code'], )); $session->flush(); /* direct data */ return $this->redirect()->toRoute('dashboard'); }else{ switch($authResult->code) { case \Khansia\Access\User::CODE_AUTH_INVALID: $authMessage = 'User tidak valid'; break; case \Khansia\Access\User::CODE_AUTH_SUSPEND: $authMessage = 'User ditangguhkan'; break; case \Khansia\Access\User::CODE_AUTH_LOCKED: $authMessage = 'User tidak aktif'; break; case \Khansia\Access\User::CODE_AUTH_FAILED: $authMessage = 'Password tidak sesuai'; break; } $message = htmlspecialchars($authMessage, ENT_QUOTES, 'UTF-8'); $session->put(null, array('message' => $message)); return $this->redirect()->toRoute('login'); } }else{ $session = $this->getSession(); $session->put(null, array('message' => "incorrect username or passowrd ")); return $this->redirect()->toRoute('login'); } } catch (\Exception $ex) { $session = $this->getSession(); $message = htmlspecialchars($ex->getMessage(), ENT_QUOTES, 'UTF-8'); $session->put(null, array('message' => $message)); return $this->redirect()->toRoute('login'); } } public function logoutAction() { try { $session = $this->getSession(); $session->stop(); return $this->redirect()->toRoute('login'); } catch (\Exception $ex) { return $this->redirect()->toRoute('login'); } } }