fix: make dashboard public and remove admin-only restriction from main pages

- Make homepage (/) accessible without authentication - Allow all authenticated users (user & admin) to access main pages: - /kinerja-divisi, /pengaduan, /jenna, /demografi - /keuangan, /bumdes, /sosial, /keamanan - /bantuan, /pengaturan - Reserve admin-only access for /admin/* routes - Update auth middleware to handle public routes properly Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
2026-03-13 12:05:46 +08:00
parent 6c3e7c86b6
commit 89c8ca83a8
55 changed files with 3810 additions and 2917 deletions
--- a/src/middleware/authMiddleware.tsx
+++ b/src/middleware/authMiddleware.tsx
@@ -60,16 +60,39 @@ type RouteRule = {
 };

 const routeRules: RouteRule[] = [
+	// Public routes - no auth required
+	{
+		match: (p) => p === "/" || p === "/signin" || p === "/signup",
+		requireAuth: false,
+	},
+	// Profile routes - auth required for all roles
 	{
 		match: (p) => p === "/profile" || p.startsWith("/profile/"),
 		requireAuth: true,
 		redirectTo: "/signin",
 	},
+	// Dashboard and main pages - auth required for all roles (not just admin)
 	{
-		match: (p) => p === "/dashboard" || p.startsWith("/dashboard/"),
+		match: (p) =>
+			p.startsWith("/kinerja-divisi") ||
+			p.startsWith("/pengaduan") ||
+			p.startsWith("/jenna") ||
+			p.startsWith("/demografi") ||
+			p.startsWith("/keuangan") ||
+			p.startsWith("/bumdes") ||
+			p.startsWith("/sosial") ||
+			p.startsWith("/keamanan") ||
+			p.startsWith("/bantuan") ||
+			p.startsWith("/pengaturan"),
+		requireAuth: true,
+		redirectTo: "/signin",
+	},
+	// Admin routes - auth required with admin role only
+	{
+		match: (p) => p.startsWith("/admin"),
 		requireAuth: true,
 		requiredRole: "admin",
-		redirectTo: "/profile",
+		redirectTo: "/signin",
 	},
 ];

@@ -98,15 +121,22 @@ export function createProtectedRoute(options: ProtectedRouteOptions = {}) {
 		location: { pathname: string; href: string };
 	}) => {
 		const rule = findRouteRule(location.pathname);
+
+		// If no rule matches, allow access by default
 		if (!rule) return;

+		// If route explicitly doesn't require auth, allow access
+		if (rule.requireAuth === false) return;
+
 		const session = await fetchSession();
 		const user = session?.user;

+		// If auth is required but user is not logged in, redirect to login
 		if (rule.requireAuth && !user) {
 			redirectToLogin(rule.redirectTo ?? redirectTo, location.href);
 		}

+		// If specific role is required, check it
 		if (rule.requiredRole && user?.role !== rule.requiredRole) {
 			redirectToLogin(rule.redirectTo ?? redirectTo, location.href);
 		}