Change Alur Aplikasi

2025-07-14 15:07:33 +07:00
parent db82b40a6b
commit 6d86e1ca2f
53 changed files with 6109 additions and 964 deletions
--- a/middleware.ts
+++ b/middleware.ts
@@ -1,78 +1,55 @@
 import { NextResponse } from 'next/server';
 import type { NextRequest } from 'next/server';
-import { jwtVerify } from 'jose';

-export async function middleware(request: NextRequest) {
-  const token = request.cookies.get('token')?.value;
+// Routes that require authentication
+const protectedRoutes = [
+  '/visualisasi',
+  '/keloladata',
+];
+
+// Routes that are always accessible
+const publicRoutes = [
+  '/',
+  '/api/auth/login',
+];
+
+export function middleware(request: NextRequest) {
  const { pathname } = request.nextUrl;

-  // Define public paths that don't require authentication
-  const publicPaths = ['/'];
-  const isPublicPath = publicPaths.includes(pathname);
-
-  // Check if the path is an API route or static file
-  const isApiRoute = pathname.startsWith('/api/');
-  const isStaticFile = pathname.match(/\.(jpg|jpeg|png|gif|ico|css|js)$/);
-
-  // Skip middleware for API routes and static files
-  if (isApiRoute || isStaticFile) {
+  // Check if the route is public
+  if (publicRoutes.some(route => pathname.startsWith(route))) {
    return NextResponse.next();
  }

-  // If trying to access public route with valid token, redirect to dashboard
-  if (token && isPublicPath) {
-    try {
-      await jwtVerify(
-        token,
-        new TextEncoder().encode(process.env.JWT_SECRET || 'your-secret-key')
-      );
-      return NextResponse.redirect(new URL('/dashboard', request.url));
-    } catch (error) {
-      // If token is invalid, clear it and stay on public page
-      const response = NextResponse.next();
-      response.cookies.set('token', '', {
-        expires: new Date(0),
-        path: '/',
-        httpOnly: true,
-        secure: false,
-        sameSite: 'lax'
-      });
-      return response;
+  // Check if the route requires authentication
+  if (protectedRoutes.some(route => pathname.startsWith(route))) {
+    // Get user session from cookies
+    const userSession = request.cookies.get('user_session');
+    
+    if (!userSession) {
+      // Redirect to home page if not authenticated
+      return NextResponse.redirect(new URL('/', request.url));
    }
-  }

-  // If the path is protected (dashboard routes) and user is not logged in, redirect to home
-  if (pathname.startsWith('/dashboard') && !token) {
-    return NextResponse.redirect(new URL('/', request.url));
-  }
-
-  // If the path is protected and user is logged in, verify token
-  if (pathname.startsWith('/dashboard') && token) {
    try {
-      // Verify the token
-      await jwtVerify(
-        token,
-        new TextEncoder().encode(process.env.JWT_SECRET || 'your-secret-key')
-      );
+      const userData = JSON.parse(userSession.value);
+      
+      // Check if user has access to keloladata routes (admin only)
+      if (pathname.startsWith('/keloladata') && userData.role_user !== 'admin') {
+        // Redirect to home page if not admin
+        return NextResponse.redirect(new URL('/', request.url));
+      }
+      
      return NextResponse.next();
    } catch (error) {
-      // If token is invalid, redirect to home
-      const response = NextResponse.redirect(new URL('/', request.url));
-      response.cookies.set('token', '', {
-        expires: new Date(0),
-        path: '/',
-        httpOnly: true,
-        secure: false,
-        sameSite: 'lax'
-      });
-      return response;
+      // Invalid session, redirect to home
+      return NextResponse.redirect(new URL('/', request.url));
    }
  }

  return NextResponse.next();
 }

-// Configure which paths the middleware should run on
 export const config = {
  matcher: [
    /*