Login, Register, Verifkasi Code Admin V1

2025-11-20 02:42:39 +08:00
parent b3c169a2d4
commit a0537810e8
23 changed files with 2536 additions and 396 deletions
--- a/src/app/api/[[...slugs]]/_lib/auth/login/route.ts
+++ b/src/app/api/[[...slugs]]/_lib/auth/login/route.ts
@@ -1,5 +1,4 @@
 import prisma from "@/lib/prisma";
-
 import { NextResponse } from "next/server";
 import { randomOTP } from "../_lib/randomOTP";

@@ -12,52 +11,70 @@ export async function POST(req: Request) {
  }

  try {
-    const codeOtp = randomOTP();
    const body = await req.json();
    const { nomor } = body;
-    const res = await fetch(
-      `https://wa.wibudev.com/code?nom=${nomor}&text=Website Desa Darmasaba - Kode ini bersifat RAHASIA dan JANGAN DI BAGIKAN KEPADA SIAPAPUN, termasuk anggota ataupun Admin lainnya. 
-      \n 
-      >> Kode OTP anda: ${codeOtp}.
-      `
-    );

-    const sendWa = await res.json();
-
-    if (sendWa.status !== "success")
+    if (!nomor || typeof nomor !== "string") {
      return NextResponse.json(
-        { success: false, message: "Nomor Whatsapp Tidak Aktif" },
+        { success: false, message: "Nomor tidak valid" },
        { status: 400 }
      );
+    }

-    const createOtpId = await prisma.kodeOtp.create({
-      data: {
-        nomor: nomor,
-        otp: codeOtp,
-      },
+    // Cek apakah user sudah terdaftar
+    const existingUser = await prisma.user.findUnique({
+      where: { nomor },
+      select: { id: true }, // cukup cek ada/tidak
    });

-    if (!createOtpId)
+    const isRegistered = !!existingUser;
+
+    // Generate OTP
+    const codeOtp = randomOTP(); // Pastikan ini menghasilkan number (sesuai tipe di KodeOtp.otp: Int)
+
+    // Kirim OTP via WA
+    const waRes = await fetch(
+      `https://wa.wibudev.com/code?nom=${encodeURIComponent(nomor)}&text=Website Desa Darmasaba - Kode ini bersifat RAHASIA dan JANGAN DI BAGIKAN KEPADA SIAPAPUN, termasuk anggota ataupun Admin lainnya.%0A%0A>> Kode OTP anda: ${codeOtp}.`
+    );
+
+    const sendWa = await waRes.json();
+
+    if (sendWa.status !== "success") {
      return NextResponse.json(
-        { success: false, message: "Gagal mengirim kode OTP" },
+        { success: false, message: "Nomor WhatsApp tidak aktif" },
        { status: 400 }
      );
+    }
+
+    // Simpan OTP ke database
+    const otpRecord = await prisma.kodeOtp.create({
+      data: {
+        nomor: nomor,
+        otp: codeOtp, // Pastikan tipe ini number (Int di Prisma = number di TS)
+      },
+    });

    return NextResponse.json(
      {
        success: true,
        message: "Kode verifikasi terkirim",
-        kodeId: createOtpId.id,
+        kodeId: otpRecord.id,
+        isRegistered, // 🔑 Ini kunci untuk frontend tahu harus ke register atau verifikasi
      },
      { status: 200 }
    );
  } catch (error) {
-    console.log("Error Login", error);
+    console.error("Error Login:", error);
    return NextResponse.json(
-      { success: false, message: "Terjadi masalah saat login" , reason: error as Error },
+      {
+        success: false,
+        message: "Terjadi masalah saat login",
+        // Hindari mengirim error mentah ke client di production
+        // reason: process.env.NODE_ENV === 'development' ? (error as Error).message : undefined,
+      },
      { status: 500 }
    );
  } finally {
    await prisma.$disconnect();
  }
-}
+}
--- a/src/app/api/[[...slugs]]/_lib/auth/me/route.ts
+++ b/src/app/api/[[...slugs]]/_lib/auth/me/route.ts
@@ -0,0 +1,30 @@
+import prisma from "@/lib/prisma";
+import { NextRequest } from "next/server";
+// Jika pakai custom session (bukan next-auth), ganti dengan logic session-mu
+
+export async function GET(req: NextRequest) {
+  // 🔸 GANTI DENGAN LOGIC SESSION-MU
+  // Contoh: jika kamu simpan user.id di cookie atau JWT
+  const userId = req.cookies.get("hipmi_user_id")?.value; // sesuaikan
+
+  if (!userId) {
+    return Response.json({ error: "Unauthorized" }, { status: 401 });
+  }
+
+  const user = await prisma.user.findUnique({
+    where: { id: userId },
+    select: {
+      id: true,
+      username: true,
+      nomor: true,
+      isActive: true,
+      role: { select: { name: true } },
+    },
+  });
+
+  if (!user) {
+    return Response.json({ error: "User not found" }, { status: 404 });
+  }
+
+  return Response.json({ user });
+}
--- a/src/app/api/[[...slugs]]/_lib/auth/register/route.ts
+++ b/src/app/api/[[...slugs]]/_lib/auth/register/route.ts
@@ -0,0 +1,104 @@
+// import prisma from "@/lib/prisma";
+// import { NextResponse } from "next/server";
+
+// export async function POST(req: Request) {
+//   if (req.method !== "POST") {
+//     return NextResponse.json(
+//       { success: false, message: "Method Not Allowed" },
+//       { status: 405 }
+//     );
+//   }
+
+//   try {
+//     const { username, nomor, otp, kodeId } = await req.json();
+
+//     // Validasi input
+//     if (!username || !nomor || !otp || !kodeId) {
+//       return NextResponse.json(
+//         { success: false, message: "Data tidak lengkap" },
+//         { status: 400 }
+//       );
+//     }
+
+//     // 1. Verifikasi OTP
+//     const otpRecord = await prisma.kodeOtp.findUnique({
+//       where: { id: kodeId },
+//     });
+
+//     if (!otpRecord) {
+//       return NextResponse.json(
+//         { success: false, message: "Kode verifikasi tidak valid" },
+//         { status: 400 }
+//       );
+//     }
+
+//     if (!otpRecord.isActive) {
+//       return NextResponse.json(
+//         { success: false, message: "Kode verifikasi sudah digunakan atau kadaluarsa" },
+//         { status: 400 }
+//       );
+//     }
+
+//     if (otpRecord.otp !== otp) {
+//       return NextResponse.json(
+//         { success: false, message: "Kode OTP salah" },
+//         { status: 400 }
+//       );
+//     }
+
+//     if (otpRecord.nomor !== nomor) {
+//       return NextResponse.json(
+//         { success: false, message: "Nomor tidak sesuai dengan kode verifikasi" },
+//         { status: 400 }
+//       );
+//     }
+
+//     // 3. Cek apakah nomor sudah terdaftar
+//     const existingUserByNomor = await prisma.user.findUnique({
+//       where: { nomor },
+//     });
+
+//     if (existingUserByNomor) {
+//       return NextResponse.json(
+//         { success: false, message: "Nomor sudah terdaftar" },
+//         { status: 409 }
+//       );
+//     }
+
+//     // 4. Buat user
+//     const newUser = await prisma.user.create({
+//       data: {
+//         username,
+//         nomor,
+//         // roleId default "1" (sesuai model)
+//       },
+//     });
+
+//     // 5. Nonaktifkan OTP agar tidak bisa dipakai lagi
+//     await prisma.kodeOtp.update({
+//       where: { id: kodeId },
+//       data: { isActive: false },
+//     });
+
+//     return NextResponse.json(
+//       {
+//         success: true,
+//         message: "Registrasi berhasil",
+//         userId: newUser.id,
+//       },
+//       { status: 201 }
+//     );
+//   } catch (error) {
+//     console.error("Error registrasi:", error);
+//     return NextResponse.json(
+//       {
+//         success: false,
+//         message: "Terjadi kesalahan saat registrasi",
+//         // reason: process.env.NODE_ENV === 'development' ? (error as Error).message : undefined,
+//       },
+//       { status: 500 }
+//     );
+//   } finally {
+//     await prisma.$disconnect();
+//   }
+// }