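import { NextRequest, NextResponse } from 'next/server';
import supabase from '@/lib/db';
import bcrypt from 'bcryptjs';

// NOTE(review): none of the handlers in this file check who the caller is.
// The route can list every account (including NIPs), create users with the
// `admin` role, reset any user's password and delete any account, so it must
// only be reachable through an authentication/authorization layer (Next.js
// middleware, a session check in a wrapper, …) — confirm that such a layer
// exists for this path; nothing here enforces it.

/** Roles accepted by POST and PUT; the tuple keeps the membership check exhaustive. */
const VALID_ROLES = ['admin', 'ketuajurusan', 'ketuaprodi'] as const;
type RoleUser = (typeof VALID_ROLES)[number];

/** bcrypt cost factor. 10 is the library default; every +1 doubles the hashing time. */
const BCRYPT_ROUNDS = 10;

/** Columns exposed to clients. The `password` (hash) column is deliberately never selected. */
const PUBLIC_COLUMNS = 'id_user, username, nip, role_user, created_at, updated_at';

/** Error messages reused by POST and PUT for identical validation failures. */
const ROLE_ERROR = 'Role user must be either admin, ketuajurusan, or ketuaprodi';

/** True when `value` is one of VALID_ROLES (narrows the type for the insert/update payload). */
function isValidRole(value: unknown): value is RoleUser {
  return typeof value === 'string' && (VALID_ROLES as readonly string[]).includes(value);
}

/** Returns the trimmed string, or null when `value` is absent, not a string, or blank. */
function nonBlankString(value: unknown): string | null {
  if (typeof value !== 'string') return null;
  const trimmed = value.trim();
  return trimmed === '' ? null : trimmed;
}

/**
 * Escapes LIKE/ILIKE metacharacters in a user-supplied value so that a
 * username such as `a%` or `_` is compared literally instead of acting as a
 * wildcard that collides with unrelated accounts. Postgres' default LIKE
 * escape character is a backslash.
 * NOTE(review): PostgREST additionally treats `*` in like filters as a
 * wildcard; confirm whether usernames may contain it.
 */
function escapeLikePattern(value: string): string {
  return value.replace(/[\\%_]/g, (ch) => `\\${ch}`);
}

/** Builds `{ error: message }` with the given HTTP status. */
function jsonError(message: string, status: number) {
  return NextResponse.json({ error: message }, { status });
}

/**
 * Parses the request body as a JSON object.
 * @returns the object, or null when the body is missing, malformed, or not an object
 *          (callers answer 400 instead of letting the parse error surface as a 500).
 */
async function readJsonBody(request: NextRequest): Promise<Record<string, unknown> | null> {
  try {
    const body: unknown = await request.json();
    return body !== null && typeof body === 'object' && !Array.isArray(body)
      ? (body as Record<string, unknown>)
      : null;
  } catch {
    return null;
  }
}

/**
 * Case-insensitive lookup of accounts whose username equals `username`,
 * optionally ignoring the row `excludeId` (the user being updated).
 * NOTE(review): check-then-write is inherently racy; the authoritative guard
 * must be a UNIQUE constraint in the database, whose violation surfaces here
 * as the generic 500 from the insert/update.
 */
function findUsernameConflicts(username: string, excludeId?: string | number) {
  let query = supabase
    .from('user_app')
    .select('id_user')
    .ilike('username', escapeLikePattern(username));
  if (excludeId !== undefined) query = query.neq('id_user', excludeId);
  return query;
}

/** Exact-match lookup of accounts holding `nip`, optionally ignoring `excludeId`. Same race caveat as above. */
function findNipConflicts(nip: string, excludeId?: string | number) {
  let query = supabase.from('user_app').select('id_user').eq('nip', nip);
  if (excludeId !== undefined) query = query.neq('id_user', excludeId);
  return query;
}

/**
 * GET - list all users.
 * @returns 200 with the public columns of every user ordered by id_user, or 500 on a database error.
 */
export async function GET() {
  try {
    const { data, error } = await supabase
      .from('user_app')
      .select(PUBLIC_COLUMNS)
      .order('id_user', { ascending: true });

    if (error) {
      console.error('Error fetching users:', error);
      return jsonError('Failed to fetch users', 500);
    }
    return NextResponse.json(data);
  } catch (error) {
    console.error('Error fetching users:', error);
    return jsonError('Failed to fetch users', 500);
  }
}

/**
 * POST - create a user.
 * Body: `{ username, password, role_user, nip? }`.
 * @returns 201 with the new user's public columns; 400 on invalid input;
 *          409 when the username (case-insensitive) or NIP is already taken; 500 on database errors.
 */
export async function POST(request: NextRequest) {
  try {
    const body = await readJsonBody(request);
    if (!body) return jsonError('Invalid JSON body', 400);

    const username = nonBlankString(body.username);
    if (!username) return jsonError('Username is required', 400);

    // Blankness is judged on the trimmed value, but the password is hashed
    // exactly as submitted (surrounding whitespace is significant).
    const { password, role_user } = body;
    if (typeof password !== 'string' || password.trim() === '') {
      return jsonError('Password is required', 400);
    }
    // NOTE(review): no minimum length or complexity policy is enforced here;
    // bcrypt also silently ignores everything past 72 bytes.

    if (!isValidRole(role_user)) return jsonError(ROLE_ERROR, 400);

    if (body.nip != null && typeof body.nip !== 'string') {
      return jsonError('NIP must be a string', 400);
    }
    const nip = nonBlankString(body.nip);

    const { data: existingUsername, error: existingUsernameError } = await findUsernameConflicts(username);
    if (existingUsernameError) {
      console.error('Error checking existing username:', existingUsernameError);
      return jsonError('Failed to check existing username', 500);
    }
    if (existingUsername && existingUsername.length > 0) {
      return jsonError('Username sudah digunakan', 409);
    }

    // NIP is optional; only a non-blank value must be unique
    if (nip) {
      const { data: existingNip, error: existingNipError } = await findNipConflicts(nip);
      if (existingNipError) {
        console.error('Error checking existing NIP:', existingNipError);
        return jsonError('Failed to check existing NIP', 500);
      }
      if (existingNip && existingNip.length > 0) {
        return jsonError('NIP sudah digunakan', 409);
      }
    }

    const hashedPassword = await bcrypt.hash(password, BCRYPT_ROUNDS);

    const { data, error } = await supabase
      .from('user_app')
      .insert([{ username, nip, password: hashedPassword, role_user }])
      .select(PUBLIC_COLUMNS)
      .single();

    if (error) {
      console.error('Error creating user:', error);
      return jsonError('Failed to create user', 500);
    }
    return NextResponse.json(data, { status: 201 });
  } catch (error) {
    console.error('Error creating user:', error);
    return jsonError('Failed to create user', 500);
  }
}

/**
 * PUT - update a user, optionally resetting the password.
 * Body: `{ id_user, username, role_user, nip?, password? }`; a blank or absent
 * `password` leaves the stored hash untouched.
 * @returns 200 with the updated public columns; 400 on invalid input; 404 when
 *          id_user does not exist; 409 on a username/NIP clash with another user; 500 on database errors.
 */
export async function PUT(request: NextRequest) {
  try {
    const body = await readJsonBody(request);
    if (!body) return jsonError('Invalid JSON body', 400);

    const { id_user } = body;
    if (!id_user || (typeof id_user !== 'string' && typeof id_user !== 'number')) {
      return jsonError('ID user is required', 400);
    }

    const username = nonBlankString(body.username);
    if (!username) return jsonError('Username is required', 400);

    const { role_user, password } = body;
    if (!isValidRole(role_user)) return jsonError(ROLE_ERROR, 400);

    if (body.nip != null && typeof body.nip !== 'string') {
      return jsonError('NIP must be a string', 400);
    }
    const nip = nonBlankString(body.nip);

    const { data: existingData, error: existingError } = await supabase
      .from('user_app')
      .select('id_user')
      .eq('id_user', id_user)
      .single();
    if (existingError || !existingData) {
      return jsonError('User tidak ditemukan', 404);
    }

    const { data: duplicateUsername, error: duplicateUsernameError } = await findUsernameConflicts(username, id_user);
    if (duplicateUsernameError) {
      console.error('Error checking duplicate username:', duplicateUsernameError);
      return jsonError('Failed to check duplicate username', 500);
    }
    if (duplicateUsername && duplicateUsername.length > 0) {
      return jsonError('Username sudah digunakan oleh user lain', 409);
    }

    if (nip) {
      const { data: duplicateNip, error: duplicateNipError } = await findNipConflicts(nip, id_user);
      if (duplicateNipError) {
        console.error('Error checking duplicate NIP:', duplicateNipError);
        return jsonError('Failed to check duplicate NIP', 500);
      }
      if (duplicateNip && duplicateNip.length > 0) {
        return jsonError('NIP sudah digunakan oleh user lain', 409);
      }
    }

    const updateData: {
      username: string;
      nip: string | null;
      role_user: RoleUser;
      updated_at: string;
      password?: string;
    } = {
      username,
      nip,
      role_user,
      updated_at: new Date().toISOString(),
    };

    // A non-blank password resets the credential; the raw (untrimmed) value is hashed
    if (typeof password === 'string' && password.trim() !== '') {
      updateData.password = await bcrypt.hash(password, BCRYPT_ROUNDS);
    }

    const { data, error } = await supabase
      .from('user_app')
      .update(updateData)
      .eq('id_user', id_user)
      .select(PUBLIC_COLUMNS)
      .single();

    if (error) {
      console.error('Error updating user:', error);
      return jsonError('Failed to update user', 500);
    }
    return NextResponse.json(data);
  } catch (error) {
    console.error('Error updating user:', error);
    return jsonError('Failed to update user', 500);
  }
}

/**
 * DELETE - remove a user identified by the `id_user` query parameter.
 * @returns 200 on success; 400 when the parameter is missing; 404 when no such user; 500 on database errors.
 * NOTE(review): there is no guard against deleting the last `admin` account
 * or the caller's own account; add one if the deployment needs it.
 */
export async function DELETE(request: NextRequest) {
  try {
    const { searchParams } = new URL(request.url);
    const id_user = searchParams.get('id_user');
    if (!id_user) return jsonError('ID user is required', 400);

    const { data: existingData, error: existingError } = await supabase
      .from('user_app')
      .select('id_user, username')
      .eq('id_user', id_user)
      .single();
    if (existingError || !existingData) {
      return jsonError('User tidak ditemukan', 404);
    }

    const { error } = await supabase.from('user_app').delete().eq('id_user', id_user);
    if (error) {
      console.error('Error deleting user:', error);
      return jsonError('Failed to delete user', 500);
    }
    return NextResponse.json({ message: 'User berhasil dihapus' }, { status: 200 });
  } catch (error) {
    console.error('Error deleting user:', error);
    return jsonError('Failed to delete user', 500);
  }
}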