From a51d4a5d7869e51d99a977c48411bf29ac3f2b51 Mon Sep 17 00:00:00 2001
From: Bitha17 <16521076@mahasiswa.itb.ac.id>
Date: Thu, 5 Oct 2023 02:04:00 +0700
Subject: [PATCH] add authentication

---
 app/Controllers/EventController.php  | 8 +++++++-
 app/Controllers/TicketController.php | 7 +++++++
 app/Controllers/UserController.php   | 4 +++-
 3 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/app/Controllers/EventController.php b/app/Controllers/EventController.php
index f5b19aa..a5049a7 100644
--- a/app/Controllers/EventController.php
+++ b/app/Controllers/EventController.php
@@ -1,9 +1,15 @@
-
 <?php
 // app/Controllers/EventController.php
 
+ob_start();
 require_once(__DIR__ . '/../Models/Event.php');
 
+if (!isset($_SESSION["user_id"])) {
+    // User is not authenticated; redirect to login page
+    header("Location: /app/Views/login/login.php");
+    ob_end_flush();
+}
+
 class EventController {
     private $eventModel;
 
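Review bot: The added `if (!isset($_SESSION["user_id"]))` block sends the redirect header but never stops the script, so execution continues past it and the `EventController` class is still defined and usable by whatever included this file. A client that ignores the `Location` header would still receive the protected response, and `ob_end_flush()` does not change that; the fix is `header("Location: /app/Views/login/login.php"); exit;`. The hunk also shows no `session_start()` before `$_SESSION` is read, so unless the including script or `session.auto_start` has already started the session, every request will look unauthenticated. The identical block in the `TicketController.php` hunk has both problems.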
diff --git a/app/Controllers/TicketController.php b/app/Controllers/TicketController.php
index b275ad9..4a36198 100644
--- a/app/Controllers/TicketController.php
+++ b/app/Controllers/TicketController.php
@@ -1,9 +1,16 @@
 <?php
 // app/controllers/ticketController.php
 
+ob_start();
 // require_once 'Ticket.php';
 require_once(__DIR__ . '/../Models/Ticket.php');
 
+if (!isset($_SESSION["user_id"])) {
+    // User is not authenticated; redirect to login page
+    header("Location: /app/Views/login/login.php");
+    ob_end_flush();
+}
+
 class TicketController {
     private $ticketModel;
 
diff --git a/app/Controllers/UserController.php b/app/Controllers/UserController.php
index dd67e56..fe2e83a 100644
--- a/app/Controllers/UserController.php
+++ b/app/Controllers/UserController.php
@@ -30,7 +30,7 @@ class UserController {
     public function getAllUsers() {
         return $this->userModel->getAllUsers();
     }
-
+    
     public function registerUser($name, $username, $email, $password, $isAdmin) {
         return $this->createUser($name, $username, $email, password_hash($password,PASSWORD_DEFAULT), $isAdmin);
     }
@@ -38,6 +38,7 @@ class UserController {
     public function loginByEmail($email,$password) {
         $user = $this->userModel->getUserByEmail($email);
         if ($user !== false && password_verify($password, $user['user_hashedPass'])) {
+            session_start();
             $_SESSION["user_id"] = $user['user_ID'];
             return "success";
         } else {
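Review bot: The session ID is not regenerated when `$_SESSION["user_id"]` is set after a successful `password_verify()`, so an identifier that was fixed before login stays valid for the authenticated session (session fixation). Add `session_regenerate_id(true);` immediately after the session is started and before the user ID is stored. The unconditional `session_start();` will also emit a notice if the caller has already started a session, which `if (session_status() !== PHP_SESSION_ACTIVE) { session_start(); }` avoids. The same two points apply to the `loginByUsername` hunk; both method bodies continue outside their hunks.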
@@ -48,6 +49,7 @@ class UserController {
     public function loginByUsername($username,$password) {
         $user = $this->userModel->getUserByUsername($username);
         if ($user !== false && password_verify($password, $user['user_hashedPass'])) {
+            session_start();
             $_SESSION["user_id"] = $user['user_ID'];
             return "success";
         } else {
-- 
GitLab