Change Alur Aplikasi
This commit is contained in:
Randa Firman Putra
@@ -1,198 +1,105 @@
|
||||
import { NextResponse } from 'next/server';
|
||||
import { NextRequest, NextResponse } from 'next/server';
|
||||
import supabase from '@/lib/db';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { SignJWT } from 'jose';
|
||||
|
||||
interface User {
|
||||
id_user: number;
|
||||
username?: string;
|
||||
nip?: string;
|
||||
password: string;
|
||||
role_user: string;
|
||||
}
|
||||
|
||||
export async function POST(request: Request) {
|
||||
export async function POST(request: NextRequest) {
|
||||
try {
|
||||
|
||||
// Test database connection first
|
||||
try {
|
||||
const { data: testData, error: testError } = await supabase
|
||||
.from('user_app')
|
||||
.select('count')
|
||||
.limit(1);
|
||||
|
||||
if (testError) {
|
||||
return NextResponse.json(
|
||||
{ error: 'Tidak dapat terhubung ke database' },
|
||||
{ status: 500 }
|
||||
);
|
||||
}
|
||||
} catch (dbError) {
|
||||
return NextResponse.json(
|
||||
{ error: 'Tidak dapat terhubung ke database' },
|
||||
{ status: 500 }
|
||||
);
|
||||
}
|
||||
|
||||
const body = await request.json();
|
||||
|
||||
const { username, nip, password, role } = body;
|
||||
const { nip, username, password, role } = body;
|
||||
|
||||
// Validate input based on role
|
||||
if (role === 'admin') {
|
||||
if (!username || !password) {
|
||||
// Validate required fields
|
||||
if (!password || !role) {
|
||||
return NextResponse.json(
|
||||
{ error: 'Username dan password harus diisi' },
|
||||
{ status: 400 }
|
||||
{ message: 'Password dan role diperlukan' },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
} else if (role === 'dosen' || role === 'kajur') {
|
||||
if (!nip || !password) {
|
||||
return NextResponse.json(
|
||||
{ error: 'NIP dan password harus diisi' },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
} else {
|
||||
|
||||
// Validate role
|
||||
if (!['ketuajurusan', 'admin'].includes(role)) {
|
||||
return NextResponse.json(
|
||||
{ error: 'Role tidak valid' },
|
||||
{ message: 'Role tidak valid' },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
|
||||
// Get user by username (admin) or NIP (dosen/kajur)
|
||||
let users: User[];
|
||||
try {
|
||||
let query = supabase.from('user_app').select('*');
|
||||
|
||||
if (role === 'admin') {
|
||||
query = query.eq('username', username);
|
||||
} else {
|
||||
query = query.eq('nip', nip);
|
||||
}
|
||||
let query = supabase
|
||||
.from('user_app')
|
||||
.select('*')
|
||||
.eq('role_user', role);
|
||||
|
||||
const { data, error } = await query;
|
||||
|
||||
if (error) {
|
||||
// Add specific field filter based on role
|
||||
if (role === 'ketuajurusan') {
|
||||
if (!nip) {
|
||||
return NextResponse.json(
|
||||
{ error: 'Terjadi kesalahan saat memeriksa data pengguna' },
|
||||
{ status: 500 }
|
||||
{ message: 'NIP diperlukan untuk Ketua Jurusan' },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
query = query.eq('nip', nip);
|
||||
} else if (role === 'admin') {
|
||||
if (!username) {
|
||||
return NextResponse.json(
|
||||
{ message: 'Username diperlukan untuk Admin' },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
query = query.eq('username', username);
|
||||
}
|
||||
|
||||
users = data || [];
|
||||
} catch (queryError) {
|
||||
const { data: users, error } = await query;
|
||||
|
||||
if (error) {
|
||||
console.error('Database error:', error);
|
||||
return NextResponse.json(
|
||||
{ error: 'Terjadi kesalahan saat memeriksa data pengguna' },
|
||||
{ message: 'Internal Server Error' },
|
||||
{ status: 500 }
|
||||
);
|
||||
}
|
||||
|
||||
if (users.length === 0) {
|
||||
if (!users || users.length === 0) {
|
||||
return NextResponse.json(
|
||||
{ error: role === 'admin' ? 'Username atau password salah' : 'NIP atau password salah' },
|
||||
{ message: 'User tidak ditemukan' },
|
||||
{ status: 401 }
|
||||
);
|
||||
}
|
||||
|
||||
const user = users[0];
|
||||
|
||||
// Check if user role matches
|
||||
if (user.role_user !== role) {
|
||||
return NextResponse.json(
|
||||
{ error: 'Role tidak sesuai' },
|
||||
{ status: 401 }
|
||||
);
|
||||
}
|
||||
|
||||
// Verify password
|
||||
let isPasswordValid;
|
||||
try {
|
||||
// For admin, check if password is plain text (not hashed)
|
||||
if (user.role_user === 'admin') {
|
||||
// Check if stored password is plain text (not starting with $2a$ or $2b$)
|
||||
if (!user.password.startsWith('$2a$') && !user.password.startsWith('$2b$')) {
|
||||
// Plain text password - direct comparison
|
||||
isPasswordValid = password === user.password;
|
||||
} else {
|
||||
// Hashed password - use bcrypt
|
||||
isPasswordValid = await bcrypt.compare(password, user.password);
|
||||
}
|
||||
} else {
|
||||
// For dosen/kajur, always use bcrypt (should be hashed)
|
||||
isPasswordValid = await bcrypt.compare(password, user.password);
|
||||
}
|
||||
} catch (bcryptError) {
|
||||
return NextResponse.json(
|
||||
{ error: 'Terjadi kesalahan saat memverifikasi password' },
|
||||
{ status: 500 }
|
||||
);
|
||||
}
|
||||
const isPasswordValid = await bcrypt.compare(password, user.password);
|
||||
|
||||
if (!isPasswordValid) {
|
||||
return NextResponse.json(
|
||||
{ error: role === 'admin' ? 'Username atau password salah' : 'NIP atau password salah' },
|
||||
{ message: 'Password salah' },
|
||||
{ status: 401 }
|
||||
);
|
||||
}
|
||||
|
||||
// Create JWT token
|
||||
let token;
|
||||
try {
|
||||
const tokenPayload: any = {
|
||||
id: user.id_user,
|
||||
role: user.role_user
|
||||
};
|
||||
|
||||
// Add username for admin, NIP for dosen/kajur
|
||||
if (user.role_user === 'admin') {
|
||||
tokenPayload.username = user.username;
|
||||
} else {
|
||||
tokenPayload.nip = user.nip;
|
||||
}
|
||||
|
||||
token = await new SignJWT(tokenPayload)
|
||||
.setProtectedHeader({ alg: 'HS256' })
|
||||
.setExpirationTime('24h')
|
||||
.sign(new TextEncoder().encode(process.env.JWT_SECRET || 'your-secret-key'));
|
||||
} catch (jwtError) {
|
||||
return NextResponse.json(
|
||||
{ error: 'Terjadi kesalahan saat membuat token' },
|
||||
{ status: 500 }
|
||||
);
|
||||
}
|
||||
// Return user data (without password)
|
||||
const { password: _, ...userWithoutPassword } = user;
|
||||
|
||||
// Set cookie
|
||||
const userResponse: any = {
|
||||
id: user.id_user,
|
||||
role: user.role_user
|
||||
};
|
||||
|
||||
// Add username for admin, NIP for dosen/kajur
|
||||
if (user.role_user === 'admin') {
|
||||
userResponse.username = user.username;
|
||||
} else {
|
||||
userResponse.nip = user.nip;
|
||||
}
|
||||
|
||||
// Create response with session cookie
|
||||
const response = NextResponse.json({
|
||||
user: userResponse
|
||||
message: 'Login berhasil',
|
||||
user: userWithoutPassword,
|
||||
});
|
||||
|
||||
response.cookies.set('token', token, {
|
||||
// Set secure session cookie
|
||||
response.cookies.set('user_session', JSON.stringify(userWithoutPassword), {
|
||||
httpOnly: true,
|
||||
secure: false,
|
||||
secure: process.env.NODE_ENV === 'production',
|
||||
sameSite: 'lax',
|
||||
maxAge: 60 * 60 * 24 // 24 hours
|
||||
maxAge: 24 * 60 * 60, // 24 hours
|
||||
path: '/',
|
||||
});
|
||||
|
||||
return response;
|
||||
|
||||
} catch (error) {
|
||||
if (error instanceof Error) {
|
||||
console.error('Error message:', error.message);
|
||||
}
|
||||
console.error('Login error:', error);
|
||||
return NextResponse.json(
|
||||
{ error: 'Terjadi kesalahan saat login' },
|
||||
{ message: 'Internal Server Error' },
|
||||
{ status: 500 }
|
||||
);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user