d1041211043_randa/portaldata
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Change Alur Aplikasi

Browse Source
This commit is contained in:
Randa Firman Putra
2025-07-14 15:07:33 +07:00
parent db82b40a6b
commit 6d86e1ca2f
53 changed files with 6109 additions and 964 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
app/api/auth/check/route.ts
View File

@@ -10,7 +10,7 @@ export async function GET() {
if (!token) {
return NextResponse.json(
{ error: 'Unauthorized' },
{ error: 'Unauthorized', isAuthenticated: false },
{ status: 401 }
);
}
@@ -21,33 +21,58 @@ export async function GET() {
new TextEncoder().encode(process.env.JWT_SECRET || 'your-secret-key')
);
// Check if token is expired
if (payload.exp && payload.exp * 1000 < Date.now()) {
return NextResponse.json(
{ error: 'Token expired', isAuthenticated: false },
{ status: 401 }
);
}
// Get user data from user_app table
const { data: user, error } = await supabase
.from('user_app')
.select('id_user, nim, username, role')
.select('id_user, nim, username, nip, role_user')
.eq('id_user', payload.id)
.single();
if (error || !user) {
return NextResponse.json(
{ error: 'User not found' },
{ error: 'User not found', isAuthenticated: false },
{ status: 404 }
);
}
return NextResponse.json({
isAuthenticated: true,
user: {
id: user.id_user,
nim: user.nim,
username: user.username,
role: user.role
nip: user.nip,
role: user.role_user
},
session: {
expiresAt: payload.exp ? new Date(payload.exp * 1000).toISOString() : null,
issuedAt: payload.iat ? new Date(payload.iat * 1000).toISOString() : null
}
});
} catch (error) {
console.error('Auth check error:', error);
return NextResponse.json(
{ error: 'Unauthorized' },
{ error: 'Unauthorized', isAuthenticated: false },
{ status: 401 }
);
}
}
// Handle OPTIONS request for CORS
export async function OPTIONS() {
return NextResponse.json({}, {
headers: {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'GET, OPTIONS',
'Access-Control-Allow-Headers': 'Content-Type, Authorization',
}
});
}

197
app/api/auth/login/route.ts
View File

@@ -1,198 +1,105 @@
import { NextResponse } from 'next/server';
import { NextRequest, NextResponse } from 'next/server';
import supabase from '@/lib/db';
import bcrypt from 'bcryptjs';
import { SignJWT } from 'jose';
interface User {
id_user: number;
username?: string;
nip?: string;
password: string;
role_user: string;
}
export async function POST(request: Request) {
export async function POST(request: NextRequest) {
try {
// Test database connection first
try {
const { data: testData, error: testError } = await supabase
.from('user_app')
.select('count')
.limit(1);
if (testError) {
return NextResponse.json(
{ error: 'Tidak dapat terhubung ke database' },
{ status: 500 }
);
}
} catch (dbError) {
return NextResponse.json(
{ error: 'Tidak dapat terhubung ke database' },
{ status: 500 }
);
}
const body = await request.json();
const { username, nip, password, role } = body;
const { nip, username, password, role } = body;
// Validate input based on role
if (role === 'admin') {
if (!username || !password) {
// Validate required fields
if (!password || !role) {
return NextResponse.json(
{ error: 'Username dan password harus diisi' },
{ status: 400 }
{ message: 'Password dan role diperlukan' },
{ status: 400 }
);
}
} else if (role === 'dosen' || role === 'kajur') {
if (!nip || !password) {
return NextResponse.json(
{ error: 'NIP dan password harus diisi' },
{ status: 400 }
);
}
} else {
// Validate role
if (!['ketuajurusan', 'admin'].includes(role)) {
return NextResponse.json(
{ error: 'Role tidak valid' },
{ message: 'Role tidak valid' },
{ status: 400 }
);
}
// Get user by username (admin) or NIP (dosen/kajur)
let users: User[];
try {
let query = supabase.from('user_app').select('*');
if (role === 'admin') {
query = query.eq('username', username);
} else {
query = query.eq('nip', nip);
}
let query = supabase
.from('user_app')
.select('*')
.eq('role_user', role);
const { data, error } = await query;
if (error) {
// Add specific field filter based on role
if (role === 'ketuajurusan') {
if (!nip) {
return NextResponse.json(
{ error: 'Terjadi kesalahan saat memeriksa data pengguna' },
{ status: 500 }
{ message: 'NIP diperlukan untuk Ketua Jurusan' },
{ status: 400 }
);
}
query = query.eq('nip', nip);
} else if (role === 'admin') {
if (!username) {
return NextResponse.json(
{ message: 'Username diperlukan untuk Admin' },
{ status: 400 }
);
}
query = query.eq('username', username);
}
users = data || [];
} catch (queryError) {
const { data: users, error } = await query;
if (error) {
console.error('Database error:', error);
return NextResponse.json(
{ error: 'Terjadi kesalahan saat memeriksa data pengguna' },
{ message: 'Internal Server Error' },
{ status: 500 }
);
}
if (users.length === 0) {
if (!users || users.length === 0) {
return NextResponse.json(
{ error: role === 'admin' ? 'Username atau password salah' : 'NIP atau password salah' },
{ message: 'User tidak ditemukan' },
{ status: 401 }
);
}
const user = users[0];
// Check if user role matches
if (user.role_user !== role) {
return NextResponse.json(
{ error: 'Role tidak sesuai' },
{ status: 401 }
);
}
// Verify password
let isPasswordValid;
try {
// For admin, check if password is plain text (not hashed)
if (user.role_user === 'admin') {
// Check if stored password is plain text (not starting with $2a$ or $2b$)
if (!user.password.startsWith('$2a$') && !user.password.startsWith('$2b$')) {
// Plain text password - direct comparison
isPasswordValid = password === user.password;
} else {
// Hashed password - use bcrypt
isPasswordValid = await bcrypt.compare(password, user.password);
}
} else {
// For dosen/kajur, always use bcrypt (should be hashed)
isPasswordValid = await bcrypt.compare(password, user.password);
}
} catch (bcryptError) {
return NextResponse.json(
{ error: 'Terjadi kesalahan saat memverifikasi password' },
{ status: 500 }
);
}
const isPasswordValid = await bcrypt.compare(password, user.password);
if (!isPasswordValid) {
return NextResponse.json(
{ error: role === 'admin' ? 'Username atau password salah' : 'NIP atau password salah' },
{ message: 'Password salah' },
{ status: 401 }
);
}
// Create JWT token
let token;
try {
const tokenPayload: any = {
id: user.id_user,
role: user.role_user
};
// Add username for admin, NIP for dosen/kajur
if (user.role_user === 'admin') {
tokenPayload.username = user.username;
} else {
tokenPayload.nip = user.nip;
}
token = await new SignJWT(tokenPayload)
.setProtectedHeader({ alg: 'HS256' })
.setExpirationTime('24h')
.sign(new TextEncoder().encode(process.env.JWT_SECRET || 'your-secret-key'));
} catch (jwtError) {
return NextResponse.json(
{ error: 'Terjadi kesalahan saat membuat token' },
{ status: 500 }
);
}
// Return user data (without password)
const { password: _, ...userWithoutPassword } = user;
// Set cookie
const userResponse: any = {
id: user.id_user,
role: user.role_user
};
// Add username for admin, NIP for dosen/kajur
if (user.role_user === 'admin') {
userResponse.username = user.username;
} else {
userResponse.nip = user.nip;
}
// Create response with session cookie
const response = NextResponse.json({
user: userResponse
message: 'Login berhasil',
user: userWithoutPassword,
});
response.cookies.set('token', token, {
// Set secure session cookie
response.cookies.set('user_session', JSON.stringify(userWithoutPassword), {
httpOnly: true,
secure: false,
secure: process.env.NODE_ENV === 'production',
sameSite: 'lax',
maxAge: 60 * 60 * 24 // 24 hours
maxAge: 24 * 60 * 60, // 24 hours
path: '/',
});
return response;
} catch (error) {
if (error instanceof Error) {
console.error('Error message:', error.message);
}
console.error('Login error:', error);
return NextResponse.json(
{ error: 'Terjadi kesalahan saat login' },
{ message: 'Internal Server Error' },
{ status: 500 }
);
}

39
app/api/auth/logout/route.ts
View File

@@ -1,28 +1,29 @@
import { NextResponse } from 'next/server';
import { cookies } from 'next/headers';
export async function POST() {
try {
const response = NextResponse.json(
{ message: 'Logout berhasil' },
{ status: 200 }
);
const response = NextResponse.json({
message: 'Logout berhasil',
});
// Clear the token cookie with additional security options
response.cookies.set('token', '', {
expires: new Date(0),
path: '/',
// Clear the session cookie
response.cookies.set('user_session', '', {
httpOnly: true,
secure: false,
sameSite: 'lax'
secure: process.env.NODE_ENV === 'production',
sameSite: 'lax',
maxAge: 0, // Expire immediately
path: '/',
});
return response;
} catch (error) {
console.error('Logout error:', error);
return NextResponse.json(
{ error: 'Terjadi kesalahan saat logout' },
{ status: 500 }
);
}
}
// Handle OPTIONS request for CORS
export async function OPTIONS() {
return NextResponse.json({}, {
headers: {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'POST, OPTIONS',
'Access-Control-Allow-Headers': 'Content-Type, Authorization',
}
});
}

26
app/api/auth/user/route.ts Normal file
View File

@@ -0,0 +1,26 @@
import { NextRequest, NextResponse } from 'next/server';
export async function GET(request: NextRequest) {
try {
const userSession = request.cookies.get('user_session');
if (!userSession) {
return NextResponse.json(
{ message: 'Tidak ada session aktif' },
{ status: 401 }
);
}
const userData = JSON.parse(userSession.value);
return NextResponse.json({
user: userData,
});
} catch (error) {
console.error('Get user error:', error);
return NextResponse.json(
{ message: 'Internal Server Error' },
{ status: 500 }
);
}
}