admin/34784-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
34784-vm/callback-google.php
Flatlogic Bot 0e7f6ab776 Edutask V1
2025-10-08 08:54:03 +00:00

133 lines
5.0 KiB
PHP
Raw Permalink Blame History

<?php
ini_set('display_errors', 0); // Menonaktifkan tampilan error untuk pengguna
error_reporting(E_ALL);
session_start();
require_once __DIR__ . '/google-config.php';
require_once __DIR__ . '/db/config.php';
// Fungsi untuk menampilkan halaman error yang rapi
function showErrorPage($message) {
http_response_code(500);
echo "<div style='font-family: sans-serif; text-align: center; padding: 40px;'>";
echo "<h2>Terjadi Kesalahan</h2>";
echo "<p>Proses login dengan Google gagal. Silakan coba lagi.</p>";
echo "<p style='color: #888; font-size: 0.9em;'>Detail: " . htmlspecialchars($message) . "</p>";
echo "<a href='index.php'>Kembali ke Halaman Utama</a>";
echo "</div>";
exit;
}
// 1. Pastikan Client ID dan Secret sudah diisi
if (GOOGLE_CLIENT_ID === 'MASUKKAN_CLIENT_ID_ANDA_DISINI' || GOOGLE_CLIENT_SECRET === 'MASUKKAN_CLIENT_SECRET_ANDA_DISINI') {
showErrorPage('Konfigurasi Google OAuth belum diatur. Silakan hubungi administrator.');
}
// 2. Ambil authorization code dari Google
if (!isset($_GET['code'])) {
showErrorPage('Authorization code tidak ditemukan.');
}
$code = $_GET['code'];
// 3. Tukarkan code dengan access token
try {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://oauth2.googleapis.com/token');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query([
'client_id' => GOOGLE_CLIENT_ID,
'client_secret' => GOOGLE_CLIENT_SECRET,
'code' => $code,
'redirect_uri' => GOOGLE_REDIRECT_URI,
'grant_type' => 'authorization_code'
]));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
curl_close($ch);
$token_data = json_decode($response, true);
if (!isset($token_data['access_token'])) {
showErrorPage('Gagal mendapatkan access token dari Google. ' . ($token_data['error_description'] ?? ''));
}
$access_token = $token_data['access_token'];
// 4. Gunakan access token untuk mengambil data profil pengguna
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://www.googleapis.com/oauth2/v1/userinfo?alt=json');
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Authorization: Bearer ' . $access_token]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$profile_response = curl_exec($ch);
curl_close($ch);
$profile_data = json_decode($profile_response, true);
if (!isset($profile_data['id'])) {
showErrorPage('Gagal mengambil data profil dari Google.');
}
// 5. Proses data pengguna (Login atau Register)
$google_id = $profile_data['id'];
$email = $profile_data['email'];
$username = $profile_data['name'];
$avatar_url = $profile_data['picture'];
$pdo = db();
// Cek apakah pengguna sudah ada berdasarkan google_id
$stmt = $pdo->prepare("SELECT * FROM users WHERE google_id = :google_id");
$stmt->execute(['google_id' => $google_id]);
$user = $stmt->fetch();
if ($user) {
// Pengguna sudah ada, langsung login
$user_id = $user['id'];
// Mungkin update avatar jika berubah
$update_stmt = $pdo->prepare("UPDATE users SET avatar_url = :avatar_url WHERE id = :id");
$update_stmt->execute(['avatar_url' => $avatar_url, 'id' => $user_id]);
} else {
// Pengguna baru, buat akun
// Cek dulu apakah email sudah terdaftar (untuk linking akun)
$stmt = $pdo->prepare("SELECT * FROM users WHERE email = :email");
$stmt->execute(['email' => $email]);
$existing_user_by_email = $stmt->fetch();
if ($existing_user_by_email) {
// Email sudah ada, tautkan akun ini dengan google_id
$user_id = $existing_user_by_email['id'];
$update_stmt = $pdo->prepare("UPDATE users SET google_id = :google_id, avatar_url = :avatar_url WHERE id = :id");
$update_stmt->execute(['google_id' => $google_id, 'avatar_url' => $avatar_url, 'id' => $user_id]);
} else {
// Buat pengguna baru
$insert_stmt = $pdo->prepare(
"INSERT INTO users (username, email, google_id, avatar_url, role) VALUES (:username, :email, :google_id, :avatar_url, 'siswa')"
);
$insert_stmt->execute([
'username' => $username,
'email' => $email,
'google_id' => $google_id,
'avatar_url' => $avatar_url
]);
$user_id = $pdo->lastInsertId();
}
// Ambil data pengguna yang baru dibuat/diupdate
$stmt = $pdo->prepare("SELECT * FROM users WHERE id = :id");
$stmt->execute(['id' => $user_id]);
$user = $stmt->fetch();
}
// 6. Buat sesi login
session_regenerate_id(true);
$_SESSION['loggedin'] = true;
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
$_SESSION['role'] = $user['role'];
// 7. Redirect ke dashboard
header('Location: dashboard.php');
exit();
} catch (Exception $e) {
// Tangkap semua jenis error (PDO, cURL, dll)
showErrorPage($e->getMessage());
}
?>
Reference in New Issue View Git Blame Copy Permalink