<?php
require_once '../config/database.php';

class Auth {
    private $conn;
    
    public function __construct() {
        $database = new Database();
        $this->conn = $database->connect();
    }
    
    public function login($username, $password) {
        $query = "SELECT id, username, password FROM admin WHERE username = :username LIMIT 1";
        $stmt = $this->conn->prepare($query);
        $stmt->bindParam(':username', $username);
        $stmt->execute();
        
        if ($stmt->rowCount() > 0) {
            $row = $stmt->fetch(PDO::FETCH_ASSOC);
            
            // Verifikasi password (asumsi menggunakan password_hash)
            if (password_verify($password, $row['password']) || 
                md5($password) === $row['password'] || 
                sha1($password) === $row['password'] ||
                $password === $row['password']) {
                
                session_start();
                $_SESSION['admin_id'] = $row['id'];
                $_SESSION['admin_username'] = $row['username'];
                
                return [
                    'status' => 'success',
                    'message' => 'Login berhasil',
                    'user' => [
                        'id' => $row['id'],
                        'username' => $row['username']
                    ]
                ];
            }
        }
        
        return [
            'status' => 'error',
            'message' => 'Username atau password yang Anda masukkan salah'
        ];
    }
    
    public function logout() {
        session_start();
        session_destroy();
        return ['status' => 'success', 'message' => 'Logout berhasil'];
    }
    
    public function checkSession() {
        session_start();
        return isset($_SESSION['admin_id']);
    }
}
?>