Fix Kondisi Verify Otp Registrasi dan Login

Next mau fix eror saat user sudah terdaftar tetapi di redirect ke login, seharusnya redirect sesuai roleIdnya

src/app/api/auth/finalize-registration/route.ts

@@ -1,51 +1,64 @@
-// app/api/auth/finalize-registration/route.ts
+// src/app/api/auth/finalize-registration/route.ts
+
 import prisma from "@/lib/prisma";
 import { NextResponse } from "next/server";
 import { sessionCreate } from "../_lib/session_create";
 
 export async function POST(req: Request) {
   try {
-    const { nomor, username, kodeId, roleId } = await req.json();
+    const { nomor, username, kodeId } = await req.json();
 
-    // Validasi input
-    if (!nomor || !username || !kodeId) {
+    const cleanNomor = nomor.replace(/\D/g, "");
+
+    if (!cleanNomor || !username || !kodeId) {
       return NextResponse.json(
         { success: false, message: "Data tidak lengkap" },
         { status: 400 }
       );
     }
 
-    // Verifikasi OTP
+    // Di awal fungsi POST
+    console.log("📦 Received payload:", { nomor, username, kodeId });
+
+    // Validasi OTP
     const otpRecord = await prisma.kodeOtp.findUnique({
       where: { id: kodeId },
     });
-
-    if (!otpRecord?.isActive || otpRecord.nomor !== nomor) {
+    if (!otpRecord?.isActive || otpRecord.nomor !== cleanNomor) {
       return NextResponse.json(
         { success: false, message: "OTP tidak valid" },
         { status: 400 }
       );
     }
 
-    // Cek apakah username sudah dipakai
-    const existingUser = await prisma.user.findUnique({
-      where: { username },
-    });
-
-    if (existingUser) {
+    // Cek duplikat username
+    if (await prisma.user.findFirst({ where: { username } })) {
       return NextResponse.json(
         { success: false, message: "Username sudah digunakan" },
-        { status: 400 }
+        { status: 409 }
       );
     }
 
-    // Buat user baru
+    // ✅ Gunakan username dari input user
+    const defaultRole = await prisma.role.findFirst({
+      where: { name: "ADMIN DESA" },
+      select: { id: true },
+    });
+
+    if (!defaultRole) {
+      return NextResponse.json(
+        { success: false, message: "Role default tidak ditemukan" },
+        { status: 500 }
+      );
+    }
+
+    // ✅ Buat user dengan username yang diinput
     const newUser = await prisma.user.create({
       data: {
-        username,
+        username, // ✅ Ini yang benar
         nomor,
-        roleId: roleId || "1", // Default role
-        isActive: false, // Menunggu approval
+        roleId: defaultRole.id,
+        isActive: false,
       },
     });
 
@@ -55,29 +68,22 @@ export async function POST(req: Request) {
       data: { isActive: false },
     });
 
-    // ✅ CREATE SESSION (JWT + Database)
-    try {
-      await sessionCreate({
-        sessionKey: process.env.BASE_SESSION_KEY!,
-        jwtSecret: process.env.BASE_TOKEN_KEY!,
-        exp: "30 day",
-        user: {
-          id: newUser.id,
-          nomor: newUser.nomor,
-          username: newUser.username,
-          roleId: newUser.roleId,
-          isActive: false, // User baru belum aktif
-        },
-      });
-    } catch (sessionError) {
-      console.error("❌ Error creating session:", sessionError);
-      return NextResponse.json(
-        { success: false, message: "Gagal membuat session" },
-        { status: 500 }
-      );
-    }
+    // ✅ BUAT SESI untuk user baru (meski isActive = false)
+    const token = await sessionCreate({
+      sessionKey: process.env.BASE_SESSION_KEY!,
+      jwtSecret: process.env.BASE_TOKEN_KEY!,
+      exp: "30 day",
+      user: {
+        id: newUser.id,
+        nomor: newUser.nomor,
+        username: newUser.username, // ✅ Pastikan sesuai
+        roleId: newUser.roleId,
+        isActive: false,
+      },
+    });
 
-    return NextResponse.json({
+    // Set cookie
+    const response = NextResponse.json({
       success: true,
       message: "Registrasi berhasil. Menunggu persetujuan admin.",
       user: {
@@ -88,6 +94,14 @@ export async function POST(req: Request) {
       },
     });
 
+    response.cookies.set(process.env.BASE_SESSION_KEY!, token, {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === "production",
+      path: "/",
+      maxAge: 30 * 24 * 60 * 60,
+    });
+
+    return response;
   } catch (error) {
     console.error("❌ Finalize Registration Error:", error);
     return NextResponse.json(
@@ -97,4 +111,4 @@ export async function POST(req: Request) {
   } finally {
     await prisma.$disconnect();
   }
-}
+}