fix(wa-service): use correct API endpoint wa.wibudev.com with GET method

- Change API URL from otp.wibudev.com to wa.wibudev.com - otp.wibudev.com is dashboard UI, not API endpoint - wa.wibudev.com/code is the correct API endpoint - Change method from POST to GET - API expects GET request with query params - Add Authorization header with Bearer token - API returns { status: 'success', id: '...' } - Update .env.local: - WIBU_WA_API_URL=https://wa.wibudev.com Tested with curl: ✓ GET https://wa.wibudev.com/code?nom=...&text=... ✓ Authorization: Bearer <API_KEY> ✓ Response: {"status":"success","id":"..."} Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
feat(auth): migrate WhatsApp OTP to otp.wibudev.com with API Key authentication
2026-03-05 12:12:59 +08:00 · 2026-03-05 12:07:58 +08:00
29 changed files with 374 additions and 521 deletions
--- a/.env
+++ b/.env
@@ -1,19 +0,0 @@
-DATABASE_URL="postgresql://bip:Production_123@localhost:5433/desa-darmasaba-v0.0.1?schema=public"
-# Seafile
-SEAFILE_TOKEN=20a19f4a04032215d50ce53292e6abdd38b9f806
-SEAFILE_REPO_ID=f0e9ee4a-fd13-49a2-81c0-f253951d063a
-SEAFILE_URL=https://cld-dkr-makuro-seafile.wibudev.com
-SEAFILE_PUBLIC_SHARE_TOKEN=3a9a9ecb5e244f4da8ae
-
-# Upload
-WIBU_UPLOAD_DIR=uploads
-WIBU_DOWNLOAD_DIR="./download"
-NEXT_PUBLIC_BASE_URL="http://localhost:3000"
-EMAIL_USER=nicoarya20@gmail.com
-EMAIL_PASS=hymmfpcaqzqkfgbh
-BASE_SESSION_KEY=kp9sGx91as0Kj2Ls81nAsl2Kdj13KsxP
-BASE_TOKEN_KEY=Qm82JsA92lMnKw0291mxKaaP02KjslaA
-
-# BOT-TELE
-BOT_TOKEN=8498428675:AAEQwAUjTqpvgyyC5C123nP1mAxhOg12Ph0
-CHAT_ID=5251328671
--- a/.env.example
+++ b/.env.example
@@ -1,36 +0,0 @@
-# Database Configuration
-DATABASE_URL="postgresql://username:password@localhost:5432/desa-darmasaba?schema=public"
-
-# Seafile Configuration (File Storage)
-SEAFILE_TOKEN=your_seafile_token
-SEAFILE_REPO_ID=your_seafile_repo_id
-SEAFILE_URL=https://your-seafile-instance.com
-SEAFILE_PUBLIC_SHARE_TOKEN=your_seafile_public_share_token
-
-# Upload Configuration
-WIBU_UPLOAD_DIR=uploads
-WIBU_DOWNLOAD_DIR=./download
-
-# Application Configuration
-NEXT_PUBLIC_BASE_URL=http://localhost:3000
-
-# Email Configuration (for notifications/subscriptions)
-EMAIL_USER=your_email@gmail.com
-EMAIL_PASS=your_email_app_password
-
-# Session Configuration
-BASE_SESSION_KEY=your_session_key_generate_secure_random_string
-BASE_TOKEN_KEY=your_jwt_secret_key_generate_secure_random_string
-
-# Telegram Bot Configuration (for notifications)
-BOT_TOKEN=your_telegram_bot_token
-CHAT_ID=your_telegram_chat_id
-
-# Session Password (for iron-session)
-SESSION_PASSWORD="your_session_password_min_32_characters_long_secure"
-
-# ElevenLabs API Key (for TTS features - optional)
-ELEVENLABS_API_KEY=your_elevenlabs_api_key
-
-# Environment (optional, defaults to development)
-# NODE_ENV=development
--- a/.gitignore
+++ b/.gitignore
@@ -29,12 +29,7 @@ yarn-error.log*
 .pnpm-debug.log*

 # env 
-# env local files (keep .env.example)
-.env.local
-.env*.local
-.env.production
-.env.development
-!.env.example
+.env*

 # QC
 QC
@@ -57,5 +52,7 @@ next-env.d.ts

 .github/

+.env.*
+
 *.tar.gz

--- a/AUDIT_REPORT.md
+++ b/AUDIT_REPORT.md
@@ -1,73 +0,0 @@
-# Engineering Audit Report: Desa Darmasaba
-**Status:** Production Readiness Review (Critical)
-**Auditor:** Staff Technical Architect
-
---
-
-## 📊 Executive Summary & Scores
-
-| Category | Score | Status |
-| :--- | :---: | :--- |
-| **Project Architecture** | 3/10 | 🔴 Critical Failure |
-| **Code Quality** | 4/10 | 🟠 Poor |
-| **Performance** | 5/10 | 🟡 Mediocre |
-| **Security** | 5/10 | 🟠 Risk Detected |
-| **Production Readiness** | 2/10 | 🔴 Not Ready |
-
---
-
-## 🏗️ 1. Project Architecture
-The project suffers from a **"Frankenstein Architecture"**. It attempts to run a full Elysia.js instance inside a Next.js Catch-All route.
- **Fractured Backend:** Logic is split between standard Next.js routes (`/api/auth`) and embedded Elysia modules.
- **Stateful Dependency:** Reliance on local filesystem (`WIBU_UPLOAD_DIR`) makes the application impossible to deploy on modern serverless platforms like Vercel.
- **Polluted Namespace:** Routing tree contains "test/coba" folders (`src/app/coba`, `src/app/percobaan`) that would be accessible in production.
-
-## ⚛️ 2. Frontend Engineering (React / Next.js)
- **State Management Chaos:** Simultaneous use of `Valtio`, `Jotai`, `React Context`, and `localStorage`.
- **Tight Coupling:** Public pages (`/darmasaba`) import state directly from Admin internal states (`/admin/(dashboard)/_state`).
- **Heavy Client-Side Logic:** Logic that belongs in Server Actions or Hooks is embedded in presentational components (e.g., `Footer.tsx`).
-
-## 📡 3. Backend / API Design
- **Framework Overhead:** Running Elysia inside Next.js adds unnecessary cold-boot overhead and complexity.
- **Weak Validation:** Widespread use of `as Type` casting in API handlers instead of runtime validation (Zod/Schema).
- **Service Integration:** OTP codes are sent via external `GET` requests with sensitive data in the query string—a major logging risk.
-
-## 🗄️ 4. Database & Data Modeling (Prisma)
- **Schema Over-Normalization:** ~2000 lines of schema. Every minor content type (e.g., `LambangDesa`) is a separate table instead of a unified CMS model.
- **Polymorphic Monolith:** `FileStorage` is a "god table" with optional relations to ~40 other tables, creating a massive bottleneck and data integrity risk.
- **Connection Mismanagement:** Manual `prisma.$disconnect()` in API routes kills connection pooling performance.
-
-## 🚀 5. Performance Engineering
- **Bypassing Optimization:** Custom `/api/utils/img` endpoint bypasses `next/image` optimization, serving uncompressed assets.
- **Aggressive Polling:** Client-side 30s polling for notifications is battery-draining and inefficient compared to SSE or SWR.
-
-## 🔒 6. Security Audit
- **Insecure OTP Delivery:** Credentials passed as URL parameters to the WhatsApp service.
- **File Upload Risks:** Potential for Arbitrary File Upload due to direct local filesystem writes without rigorous sanitization.
-
-## 🧹 7. Code Quality
- **Inconsistency:** Mixed English/Indonesian naming (e.g., `nomor` vs `createdAt`).
- **Artifacts:** Root directory is littered with scratch files: `xcoba.ts`, `xx.ts`, `test.txt`.
-
---
-
-## 🚩 Top 10 Critical Problems
-1. **Architectural Fracture:** Embedding Elysia inside Next.js creates a "split-brain" system.
-2. **Serverless Incompatibility:** Dependency on local disk storage for uploads.
-3. **Database Bloat:** Over-complicated schema with a fragile `FileStorage` monolith.
-4. **State Fragmentation:** Mixed usage of Jotai and Valtio without a clear standard.
-5. **Credential Leakage:** OTP codes sent via GET query parameters.
-6. **Poor Cleanup:** Trial/Test folders and files committed to the production source.
-7. **Asset Performance:** Bypassing Next.js image optimization.
-8. **Coupling:** High dependency between public UI and internal Admin state.
-9. **Type Safety:** Manual casting in APIs instead of runtime validation.
-10. **Connection Pooling:** Inefficient Prisma connection management.
-
---
-
-## 🛠️ Tech Lead Refactoring Priorities
-1. **Unify the API:** Decommission the Elysia wrapper. Port all logic to standard Next.js Route Handlers with Zod validation.
-2. **Stateless Storage:** Implement an S3-compatible adapter for all file uploads. Remove `fs` usage.
-3. **Schema Consolidation:** Refactor the schema to use generic content models where possible.
-4. **Standardize State:** Choose one global state manager and migrate all components.
-5. **Project Sanitization:** Delete all `coba`, `percobaan`, and scratch files (`xcoba.ts`, etc.).
--- a/60
+++ b/60
@@ -1,60 +0,0 @@
-# Stage 1: Build
-FROM oven/bun:1.3 AS build
-
-# Install build dependencies for native modules
-RUN apt-get update && apt-get install -y \
-    python3 \
-    make \
-    g++ \
-    && rm -rf /var/lib/apt/lists/*
-
-# Set the working directory
-WORKDIR /app
-
-# Copy package files
-COPY package.json bun.lock* ./
-
-# Install dependencies
-RUN bun install --frozen-lockfile
-
-# Copy the rest of the application code
-COPY . .
-
-# Use .env.example as default env for build
-RUN cp .env.example .env
-
-# Generate Prisma client
-RUN bun x prisma generate
-
-# Build the application frontend
-ENV NODE_ENV=production
-RUN bun run build
-
-# Stage 2: Runtime
-FROM oven/bun:1.3-slim AS runtime
-
-# Set environment variables
-ENV NODE_ENV=production
-
-# Install runtime dependencies
-RUN apt-get update && apt-get install -y \
-    postgresql-client \
-    && rm -rf /var/lib/apt/lists/*
-
-# Set the working directory
-WORKDIR /app
-
-# Copy necessary files from build stage
-COPY --from=build /app/package.json ./
-COPY --from=build /app/tsconfig.json ./
-COPY --from=build /app/.next ./.next
-COPY --from=build /app/public ./public
-COPY --from=build /app/src ./src
-COPY --from=build /app/node_modules ./node_modules
-COPY --from=build /app/prisma ./prisma
-
-# Expose the port
-EXPOSE 3000
-
-# Start the application
-CMD ["bun", "start"]
--- a/bun.lockb
+++ b/bun.lockb
--- a/next.config.ts
+++ b/next.config.ts
@@ -1,7 +1,6 @@
 import type { NextConfig } from "next";

 const nextConfig: NextConfig = {
-  serverExternalPackages: ['@elysiajs/static', 'elysia'],
  experimental: {},
  allowedDevOrigins: [
    "http://192.168.1.82:3000", // buat akses dari HP/device lain
--- a/package.json
+++ b/package.json
@@ -33,7 +33,7 @@
    "@mantine/modals": "^8.3.6",
    "@mantine/tiptap": "^7.17.4",
    "@paljs/types": "^8.1.0",
-    "@prisma/client": "6.3.1",
+    "@prisma/client": "^6.3.1",
    "@tabler/icons-react": "^3.30.0",
    "@tiptap/extension-highlight": "^2.11.7",
    "@tiptap/extension-link": "^2.11.7",
@@ -89,7 +89,7 @@
    "p-limit": "^6.2.0",
    "primeicons": "^7.0.0",
    "primereact": "^10.9.6",
-    "prisma": "6.3.1",
+    "prisma": "^6.3.1",
    "react": "^19.0.0",
    "react-dom": "^19.0.0",
    "react-exif-orientation-img": "^0.1.5",
--- a/src/app/admin/(dashboard)/_state/landing-page/apbdes.ts
+++ b/src/app/admin/(dashboard)/_state/landing-page/apbdes.ts
@@ -23,9 +23,8 @@ const ApbdesFormSchema = z.object({
  name: z.string().optional(),
  deskripsi: z.string().optional(),
  jumlah: z.string().optional(),
-  // Image dan file opsional (bisa kosong)
-  imageId: z.string().optional(),
-  fileId: z.string().optional(),
+  imageId: z.string().min(1, "Gambar wajib diunggah"),
+  fileId: z.string().min(1, "File wajib diunggah"),
  items: z.array(ApbdesItemSchema).min(1, "Minimal ada 1 item"),
 });

--- a/src/app/admin/(dashboard)/landing-page/apbdes/[id]/edit/page.tsx
+++ b/src/app/admin/(dashboard)/landing-page/apbdes/[id]/edit/page.tsx
@@ -205,6 +205,7 @@ function EditAPBDes() {

      // Upload file baru jika ada perubahan
      if (imageFile) {
+        // Hapus file lama dari form jika ada file baru
        const res = await ApiFetch.api.fileStorage.create.post({
          file: imageFile,
          name: imageFile.name,
@@ -216,6 +217,7 @@ function EditAPBDes() {
      }

      if (docFile) {
+        // Hapus file lama dari form jika ada file baru
        const res = await ApiFetch.api.fileStorage.create.post({
          file: docFile,
          name: docFile.name,
@@ -226,7 +228,15 @@ function EditAPBDes() {
        }
      }

-      // Image dan file sekarang opsional, tidak perlu validasi
+      // Jika tidak ada file baru, gunakan ID lama (sudah ada di form)
+      // Pastikan imageId dan fileId tetap ada
+      if (!apbdesState.edit.form.imageId) {
+        return toast.warn('Gambar wajib diunggah');
+      }
+      if (!apbdesState.edit.form.fileId) {
+        return toast.warn('Dokumen wajib diunggah');
+      }
+
      const success = await apbdesState.edit.update();
      if (success) {
        router.push('/admin/landing-page/apbdes');
@@ -333,11 +343,11 @@ function EditAPBDes() {
            required
          />

-          {/* Gambar & Dokumen (Opsional) */}
+          {/* Gambar & Dokumen */}
          <Stack gap="xs">
            <Box>
              <Text fw="bold" fz="sm" mb={6}>
-                Gambar APBDes (Opsional)
+                Gambar APBDes
              </Text>
              <Dropzone
                onDrop={handleDrop('image')}
@@ -377,7 +387,6 @@ function EditAPBDes() {
                    onClick={() => {
                      setPreviewImage(null);
                      setImageFile(null);
-                      apbdesState.edit.form.imageId = ''; // Clear imageId from form
                    }}
                  >
                    <IconX size={14} />
@@ -388,7 +397,7 @@ function EditAPBDes() {

            <Box>
              <Text fw="bold" fz="sm" mb={6}>
-                Dokumen APBDes (Opsional)
+                Dokumen APBDes
              </Text>
              <Dropzone
                onDrop={handleDrop('doc')}
@@ -437,7 +446,6 @@ function EditAPBDes() {
                    onClick={() => {
                      setPreviewDoc(null);
                      setDocFile(null);
-                      apbdesState.edit.form.fileId = ''; // Clear fileId from form
                    }}
                  >
                    <IconX size={14} />
--- a/src/app/admin/(dashboard)/landing-page/apbdes/create/page.tsx
+++ b/src/app/admin/(dashboard)/landing-page/apbdes/create/page.tsx
@@ -46,9 +46,13 @@ function CreateAPBDes() {
  const [docFile, setDocFile] = useState<File | null>(null);
  const [isSubmitting, setIsSubmitting] = useState(false);

-  // Check if form is valid - hanya cek items, gambar dan file opsional
+  // Check if form is valid
  const isFormValid = () => {
-    return stateAPBDes.create.form.items.length > 0;
+    return (
+      imageFile !== null &&
+      docFile !== null &&
+      stateAPBDes.create.form.items.length > 0
+    );
  };

  // Form sementara untuk input item baru
@@ -80,34 +84,28 @@ function CreateAPBDes() {
  };

  const handleSubmit = async () => {
+    if (!imageFile || !docFile) {
+      return toast.warn("Pilih gambar dan dokumen terlebih dahulu");
+    }
    if (stateAPBDes.create.form.items.length === 0) {
      return toast.warn("Minimal tambahkan 1 item APBDes");
    }

    try {
      setIsSubmitting(true);
+      const [uploadImageRes, uploadDocRes] = await Promise.all([
+        ApiFetch.api.fileStorage.create.post({ file: imageFile, name: imageFile.name }),
+        ApiFetch.api.fileStorage.create.post({ file: docFile, name: docFile.name }),
+      ]);

-      // Upload files hanya jika ada file yang dipilih
-      let imageId = '';
-      let fileId = '';
+      const imageId = uploadImageRes?.data?.data?.id;
+      const fileId = uploadDocRes?.data?.data?.id;

-      if (imageFile) {
-        const uploadImageRes = await ApiFetch.api.fileStorage.create.post({
-          file: imageFile,
-          name: imageFile.name,
-        });
-        imageId = uploadImageRes?.data?.data?.id || '';
+      if (!imageId || !fileId) {
+        return toast.error("Gagal mengupload file");
      }

-      if (docFile) {
-        const uploadDocRes = await ApiFetch.api.fileStorage.create.post({
-          file: docFile,
-          name: docFile.name,
-        });
-        fileId = uploadDocRes?.data?.data?.id || '';
-      }
-
-      // Update form dengan ID file (bisa kosong)
+      // Update form dengan ID file
      stateAPBDes.create.form.imageId = imageId;
      stateAPBDes.create.form.fileId = fileId;

@@ -176,16 +174,12 @@ function CreateAPBDes() {
        style={{ border: '1px solid #e0e0e0' }}
      >
        <Stack gap="md">
-          {/* Info: File opsional */}
-          <Text fz="sm" c="dimmed" mb="xs">
-            * Upload gambar dan dokumen bersifat opsional. Bisa dikosongkan jika belum ada.
-          </Text>
-
+          {/* Gambar & Dokumen (dipendekkan untuk fokus pada items) */}
          <Stack gap={"xs"}>
            {/* Gambar APBDes */}
            <Box>
              <Text fw="bold" fz="sm" mb={6}>
-                Gambar APBDes (Opsional)
+                Gambar APBDes
              </Text>
              <Dropzone
                onDrop={(files) => {
@@ -255,10 +249,10 @@ function CreateAPBDes() {
              )}
            </Box>

-            {/* Dokumen APBDes (Opsional) */}
+            {/* Dokumen APBDes */}
            <Box>
              <Text fw="bold" fz="sm" mb={6}>
-                Dokumen APBDes (Opsional)
+                Dokumen APBDes
              </Text>
              <Dropzone
                onDrop={(files) => {
--- a/src/app/admin/(dashboard)/landing-page/prestasi-desa/kategori-prestasi-desa/page.tsx
+++ b/src/app/admin/(dashboard)/landing-page/prestasi-desa/kategori-prestasi-desa/page.tsx
@@ -211,9 +211,6 @@ function ListKategoriPrestasi({ search }: { search: string }) {
          </Stack>
        </Box>

-
-        
-
        {/* Modal Konfirmasi Hapus */}
        <ModalKonfirmasiHapus
          opened={modalHapus}
--- a/src/app/admin/(dashboard)/musik/create/page.tsx
+++ b/src/app/admin/(dashboard)/musik/create/page.tsx
@@ -402,7 +402,6 @@ export default function CreateMusik() {
            >
              Reset
            </Button>
-            

            <Button
              onClick={handleSubmit}
--- a/src/app/admin/(dashboard)/user&role/_com/getMenuIdByRole.ts
+++ b/src/app/admin/(dashboard)/user&role/_com/getMenuIdByRole.ts
@@ -1,25 +0,0 @@
-// src/app/admin/_com/getMenuIdsByRoleId.ts
-import { navBar, role1, role2, role3 } from '@/app/admin/_com/list_PageAdmin';
-
-/**
- * Mengembalikan daftar ID menu (string[]) berdasarkan roleId
- */
-export function getMenuIdsByRoleId(roleId: string | number): string[] {
-  const id = typeof roleId === 'string' ? parseInt(roleId, 10) : roleId;
-
-  switch (id) {
-    case 0:
-      // Asumsikan devBar ada dan punya struktur sama
-      return []; // atau sesuaikan jika ada devBar
-    case 1:
-      return navBar.map(section => section.id);
-    case 2:
-      return role1.map(section => section.id);
-    case 3:
-      return role2.map(section => section.id);
-    case 4:
-      return role3.map(section => section.id);
-    default:
-      return [];
-  }
-}
--- a/src/app/api/[[...slugs]]/_lib/landing_page/apbdes/create.ts
+++ b/src/app/api/[[...slugs]]/_lib/landing_page/apbdes/create.ts
@@ -17,8 +17,8 @@ type FormCreate = {
  name?: string;
  deskripsi?: string;
  jumlah?: string;
-  imageId?: string | null; // Opsional
-  fileId?: string | null; // Opsional
+  imageId: string;
+  fileId: string;
  items: APBDesItemInput[];
 };

@@ -32,7 +32,12 @@ export default async function apbdesCreate(context: Context) {
    if (!body.tahun) {
      throw new Error('Tahun is required');
    }
-    // Image dan file sekarang opsional
+    if (!body.imageId) {
+      throw new Error('Image ID is required');
+    }
+    if (!body.fileId) {
+      throw new Error('File ID is required');
+    }
    if (!body.items || body.items.length === 0) {
      throw new Error('At least one item is required');
    }
@@ -45,8 +50,8 @@ export default async function apbdesCreate(context: Context) {
          name: body.name || `APBDes Tahun ${body.tahun}`,
          deskripsi: body.deskripsi,
          jumlah: body.jumlah,
-          imageId: body.imageId || null, // null jika tidak ada
-          fileId: body.fileId || null, // null jika tidak ada
+          imageId: body.imageId,
+          fileId: body.fileId,
        },
      });

--- a/src/app/api/[[...slugs]]/_lib/landing_page/apbdes/index.ts
+++ b/src/app/api/[[...slugs]]/_lib/landing_page/apbdes/index.ts
@@ -36,8 +36,8 @@ const APBDes = new Elysia({
      name: t.Optional(t.String()),
      deskripsi: t.Optional(t.String()),
      jumlah: t.Optional(t.String()),
-      imageId: t.Optional(t.String()),
-      fileId: t.Optional(t.String()),
+      imageId: t.String(),
+      fileId: t.String(),
      items: t.Array(ApbdesItemSchema),
    }),
  })
@@ -50,8 +50,8 @@ const APBDes = new Elysia({
      name: t.Optional(t.String()),
      deskripsi: t.Optional(t.String()),
      jumlah: t.Optional(t.String()),
-      imageId: t.Optional(t.String()),
-      fileId: t.Optional(t.String()),
+      imageId: t.String(),
+      fileId: t.String(),
      items: t.Array(ApbdesItemSchema),
    }),
  })
--- a/src/app/api/[[...slugs]]/_lib/landing_page/apbdes/updt.ts
+++ b/src/app/api/[[...slugs]]/_lib/landing_page/apbdes/updt.ts
@@ -1,7 +1,6 @@
 import prisma from "@/lib/prisma";
 import { Context } from "elysia";
 import { assignParentIdsToApbdesItems } from "./lib/getParentsID";
-import { RealisasiItem } from "@prisma/client";

 type APBDesItemInput = {
  kode: string;
@@ -16,8 +15,8 @@ type FormUpdateBody = {
  name?: string;
  deskripsi?: string;
  jumlah?: string;
-  imageId?: string | null;
-  fileId?: string | null;
+  imageId: string;
+  fileId: string;
  items: APBDesItemInput[];
 };

@@ -50,9 +49,9 @@ export default async function apbdesUpdate(context: Context) {
    }

    // 2. Build map untuk preserve realisasiItems berdasarkan kode
-    const existingItemsMap = new Map<string, {
-      id: string;
-      realisasiItems: RealisasiItem[];
+    const existingItemsMap = new Map<string, { 
+      id: string; 
+      realisasiItems: any[]; 
    }>();
    
    existing.items.forEach(item => {
@@ -129,7 +128,7 @@ export default async function apbdesUpdate(context: Context) {
    }

    // 8. Recalculate totalRealisasi setelah re-create realisasiItems
-    for (const kode of existingItemsMap.keys()) {
+    for (const [kode, _] of existingItemsMap.entries()) {
      const newItemId = newItemIdsMap.get(kode);
      if (newItemId) {
        const realisasiItems = await prisma.realisasiItem.findMany({
@@ -169,8 +168,8 @@ export default async function apbdesUpdate(context: Context) {
        name: body.name || `APBDes Tahun ${body.tahun}`,
        deskripsi: body.deskripsi,
        jumlah: body.jumlah,
-        imageId: body.imageId === '' ? null : body.imageId,
-        fileId: body.fileId === '' ? null : body.fileId,
+        imageId: body.imageId,
+        fileId: body.fileId,
      },
    });

--- a/src/app/api/[[...slugs]]/_lib/user/updt.ts
+++ b/src/app/api/[[...slugs]]/_lib/user/updt.ts
@@ -1,5 +1,4 @@
 /* eslint-disable @typescript-eslint/no-explicit-any */
-import { getMenuIdsByRoleId } from "@/app/admin/(dashboard)/user&role/_com/getMenuIdByRole";
 import prisma from "@/lib/prisma";
 import { Context } from "elysia";

@@ -35,25 +34,11 @@ export default async function userUpdate(context: Context) {
    const isActiveChanged =
      isActive !== undefined && currentUser.isActive !== isActive;

-    // ✅ Jika role berubah, reset dan set ulang akses menu
-    if (isRoleChanged && roleId) {
-      // Hapus akses lama
+    // ✅ Jika role berubah, hapus semua akses menu yang ada
+    if (isRoleChanged) {
      await prisma.userMenuAccess.deleteMany({
        where: { userId: id }
      });
-
-      // Ambil menu default untuk role baru
-      const menuIds = getMenuIdsByRoleId(roleId);
-
-      if (menuIds.length > 0) {
-        // Buat akses baru
-        await prisma.userMenuAccess.createMany({
-          data: menuIds.map(menuId => ({
-            userId: id,
-            menuId
-          }))
-        });
-      }
    }

    // Update user
--- a/src/app/api/auth/login/route.ts
+++ b/src/app/api/auth/login/route.ts
@@ -3,6 +3,7 @@ import prisma from "@/lib/prisma";
 import { NextResponse } from "next/server";
 import { randomOTP } from "../_lib/randomOTP";
 import { cookies } from "next/headers";
+import { sendWhatsAppOtp } from "@/lib/wa-service";

 export async function POST(req: Request) {
  if (req.method !== "POST") {
@@ -34,31 +35,22 @@ export async function POST(req: Request) {
      const otpNumber = Number(codeOtp);

      const waMessage = `Website Desa Darmasaba - Kode ini bersifat RAHASIA dan JANGAN DI BAGIKAN KEPADA SIAPAPUN, termasuk anggota ataupun Admin lainnya.\n\n>> Kode OTP anda: ${codeOtp}.`;
-      const waUrl = `https://wa.wibudev.com/code?nom=${encodeURIComponent(nomor)}&text=${encodeURIComponent(waMessage)}`;
-      
-      console.log("🔍 Debug WA URL:", waUrl); 
-      
-      try {
-        const res = await fetch(waUrl);
-        const sendWa = await res.json();
-        console.log("📱 WA Response:", sendWa);

-        if (sendWa.status !== "success") {
-          console.error("❌ WA Service Error:", sendWa);
-          return NextResponse.json(
-            { 
-              success: false, 
-              message: "Gagal mengirim OTP via WhatsApp",
-              debug: sendWa 
-            },
-            { status: 400 }
-          );
-        }
-      } catch (waError) {
-        console.error("❌ Fetch WA Error:", waError);
+      // Send OTP via WhatsApp using authenticated API
+      const waResult = await sendWhatsAppOtp({
+        nomor,
+        message: waMessage,
+      });
+
+      if (!waResult.success) {
+        console.error("❌ WA Service Error:", waResult);
        return NextResponse.json(
-          { success: false, message: "Terjadi kesalahan saat mengirim WA" },
-          { status: 500 }
+          {
+            success: false,
+            message: waResult.message || "Gagal mengirim OTP via WhatsApp",
+            debug: waResult.data
+          },
+          { status: 400 }
        );
      }

--- a/src/app/api/auth/register/route.ts
+++ b/src/app/api/auth/register/route.ts
@@ -2,6 +2,7 @@ import { NextResponse } from 'next/server';
 import { cookies } from 'next/headers';
 import prisma from '@/lib/prisma';
 import { randomOTP } from '../_lib/randomOTP';
+import { sendWhatsAppOtp } from '@/lib/wa-service';

 export async function POST(req: Request) {
  try {
@@ -24,12 +25,18 @@ export async function POST(req: Request) {
    const otpNumber = Number(codeOtp);

    const waMessage = `Website Desa Darmasaba - Kode verifikasi Anda: ${codeOtp}`;
-    const waUrl = `https://wa.wibudev.com/code?nom=${encodeURIComponent(nomor)}&text=${encodeURIComponent(waMessage)}`;
-    const waRes = await fetch(waUrl);
-    const waData = await waRes.json();

-    if (waData.status !== "success") {
-      return NextResponse.json({ success: false, message: 'Gagal mengirim OTP via WhatsApp' }, { status: 400 });
+    // Send OTP via WhatsApp using authenticated API
+    const waResult = await sendWhatsAppOtp({
+      nomor,
+      message: waMessage,
+    });
+
+    if (!waResult.success) {
+      return NextResponse.json(
+        { success: false, message: waResult.message || 'Gagal mengirim OTP via WhatsApp', debug: waResult.data },
+        { status: 400 }
+      );
    }

    // ✅ Simpan OTP ke database
--- a/src/app/api/auth/resend/route.ts
+++ b/src/app/api/auth/resend/route.ts
@@ -3,6 +3,7 @@ import prisma from "@/lib/prisma";

 import { NextResponse } from "next/server";
 import { randomOTP } from "../_lib/randomOTP";
+import { sendWhatsAppOtp } from "@/lib/wa-service";

 export async function POST(req: Request) {
  try {
@@ -18,15 +19,17 @@ export async function POST(req: Request) {
    const codeOtp = randomOTP();
    const otpNumber = Number(codeOtp);

-    // Kirim OTP via WhatsApp
+    // Kirim OTP via WhatsApp menggunakan API terautentikasi
    const waMessage = `Website Desa Darmasaba - Kode ini bersifat RAHASIA dan JANGAN DI BAGIKAN KEPADA SIAPAPUN, termasuk anggota ataupun Admin lainnya.\n\n>> Kode OTP anda: ${codeOtp}.`;
-    const waUrl = `https://wa.wibudev.com/code?nom=${encodeURIComponent(nomor)}&text=${encodeURIComponent(waMessage)}`;
-    const waRes = await fetch(waUrl);
-    const waData = await waRes.json();

-    if (waData.status !== "success") {
+    const waResult = await sendWhatsAppOtp({
+      nomor,
+      message: waMessage,
+    });
+
+    if (!waResult.success) {
      return NextResponse.json(
-        { success: false, message: "Gagal mengirim OTP via WhatsApp" },
+        { success: false, message: waResult.message || "Gagal mengirim OTP via WhatsApp", debug: waResult.data },
        { status: 400 }
      );
    }
--- a/src/app/api/auth/send-otp-register/route.ts
+++ b/src/app/api/auth/send-otp-register/route.ts
@@ -1,6 +1,7 @@
 import prisma from "@/lib/prisma";
 import { NextResponse } from "next/server";
 import { randomOTP } from "../_lib/randomOTP";
+import { sendWhatsAppOtp } from "@/lib/wa-service";

 export async function POST(req: Request) {
  try {
@@ -22,13 +23,18 @@ export async function POST(req: Request) {
    const codeOtp = randomOTP();
    const otpNumber = Number(codeOtp);

-    // Kirim WA
-    const waUrl = `https://wa.wibudev.com/code?nom=${encodeURIComponent(nomor)}&text=Website Desa Darmasaba - Kode verifikasi Anda: ${codeOtp}`;
-    const res = await fetch(waUrl);
-    const sendWa = await res.json();
+    // Kirim WA menggunakan API terautentikasi
+    const waMessage = `Website Desa Darmasaba - Kode verifikasi Anda: ${codeOtp}`;
+    const waResult = await sendWhatsAppOtp({
+      nomor,
+      message: waMessage,
+    });

-    if (sendWa.status !== "success") {
-      return NextResponse.json({ success: false, message: 'Gagal mengirim OTP' }, { status: 400 });
+    if (!waResult.success) {
+      return NextResponse.json(
+        { success: false, message: waResult.message || 'Gagal mengirim OTP', debug: waResult.data },
+        { status: 400 }
+      );
    }

    // Simpan OTP
--- a/src/app/context/MusicContext.tsx
+++ b/src/app/context/MusicContext.tsx
@@ -82,12 +82,6 @@ export function MusicProvider({ children }: { children: ReactNode }) {
  const audioRef = useRef<HTMLAudioElement | null>(null);
  const isSeekingRef = useRef(false);
  const animationFrameRef = useRef<number | null>(null);
-  const isRepeatRef = useRef(false); // Ref untuk avoid stale closure
-
-  // Sync ref dengan state
-  useEffect(() => {
-    isRepeatRef.current = isRepeat;
-  }, [isRepeat]);

  // Load musik data
  const loadMusikData = useCallback(async () => {
@@ -117,8 +111,7 @@ export function MusicProvider({ children }: { children: ReactNode }) {
    });

    audioRef.current.addEventListener('ended', () => {
-      // Gunakan ref untuk avoid stale closure
-      if (isRepeatRef.current) {
+      if (isRepeat) {
        audioRef.current!.currentTime = 0;
        audioRef.current!.play();
      } else {
@@ -139,7 +132,7 @@ export function MusicProvider({ children }: { children: ReactNode }) {
      }
    };
    // eslint-disable-next-line react-hooks/exhaustive-deps -- playNext is intentionally not in deps to avoid circular dependency
-  }, [loadMusikData]); // Remove isRepeat dari deps karena sudah pakai ref
+  }, [loadMusikData, isRepeat]);

  // Update time with requestAnimationFrame for smooth progress
  const updateTime = useCallback(() => {
--- a/src/app/darmasaba/_com/FixedPlayerBar.tsx
+++ b/src/app/darmasaba/_com/FixedPlayerBar.tsx
@@ -3,7 +3,6 @@ import {
  ActionIcon,
  Avatar,
  Box,
-  Button,
  Flex,
  Group,
  Paper,
@@ -13,7 +12,6 @@ import {
 } from '@mantine/core';
 import {
  IconArrowsShuffle,
-  IconMusic,
  IconPlayerPauseFilled,
  IconPlayerPlayFilled,
  IconPlayerSkipBackFilled,
@@ -47,7 +45,7 @@ export default function FixedPlayerBar() {
  } = useMusic();

  const [showVolume, setShowVolume] = useState(false);
-  const [isMinimized, setIsMinimized] = useState(false);
+  const [isPlayerVisible, setIsPlayerVisible] = useState(true);

  // Format time
  const formatTime = (seconds: number) => {
@@ -71,55 +69,12 @@ export default function FixedPlayerBar() {
    toggleShuffle();
  };

-  // Handle minimize player (show floating icon)
-  const handleMinimizePlayer = () => {
-    setIsMinimized(true);
+  // Handle close player
+  const handleClosePlayer = () => {
+    setIsPlayerVisible(false);
  };

-  // Handle restore player from floating icon
-  const handleRestorePlayer = () => {
-    setIsMinimized(false);
-  };
-
-  // If minimized, show floating icon instead of player bar
-  if (isMinimized) {
-    return (
-      <>
-        {/* Floating Music Icon - Shows when player is minimized */}
-        <Button
-          color="#0B4F78"
-          variant="filled"
-          size="md"
-          mt="md"
-          style={{
-            position: 'fixed',
-            top: '50%', // Menempatkan titik atas ikon di tengah layar
-            left: '0px',
-            transform: 'translateY(-50%)', // Menggeser ikon ke atas sebesar setengah tingginya sendiri agar benar-benar di tengah
-            borderBottomRightRadius: '20px',
-            borderTopRightRadius: '20px',
-            cursor: 'pointer',
-            transition: 'transform 0.2s ease',
-            zIndex: 1
-          }}
-          onClick={handleRestorePlayer}
-          onMouseEnter={(e) => {
-            e.currentTarget.style.transform = 'translateY(-50%) scale(1.1)';
-          }}
-          onMouseLeave={(e) => {
-            e.currentTarget.style.transform = 'translateY(-50%)';
-          }}
-        >
-          <IconMusic size={28} color="white" />
-        </Button>
-
-        {/* Spacer to prevent content from being hidden behind player */}
-        <Box h={20} />
-      </>
-    );
-  }
-
-  if (!currentSong) {
+  if (!currentSong || !isPlayerVisible) {
    return null;
  }

@@ -134,12 +89,12 @@ export default function FixedPlayerBar() {
        p="sm"
        shadow="lg"
        style={{
-          zIndex: 1,
+          zIndex: 1000,
          borderTop: '1px solid rgba(0,0,0,0.1)',
        }}
      >
        <Flex align="center" gap="md" justify="space-between">
-          {/* Song Info - Left */}
+          {/* Song Info */}
          <Group gap="sm" flex={1} style={{ minWidth: 0 }}>
            <Avatar
              src={currentSong.coverImage?.link || ''}
@@ -158,81 +113,78 @@ export default function FixedPlayerBar() {
            </Box>
          </Group>

-          {/* Controls + Progress - Center */}
-          <Group gap="xs" flex={2} justify="center">
-            {/* Control Buttons */}
-            <Group gap="xs">
-              <ActionIcon
-                variant={isShuffle ? 'filled' : 'subtle'}
-                color={isShuffle ? 'blue' : 'gray'}
-                size="lg"
-                onClick={handleToggleShuffle}
-                title="Shuffle"
-              >
-                <IconArrowsShuffle size={18} />
-              </ActionIcon>
+          {/* Controls */}
+          <Group gap="xs">
+            <ActionIcon
+              variant={isShuffle ? 'filled' : 'subtle'}
+              color={isShuffle ? 'blue' : 'gray'}
+              size="lg"
+              onClick={handleToggleShuffle}
+              title="Shuffle"
+            >
+              <IconArrowsShuffle size={18} />
+            </ActionIcon>

-              <ActionIcon
-                variant="subtle"
-                color="gray"
-                size="lg"
-                onClick={playPrev}
-                title="Previous"
-              >
-                <IconPlayerSkipBackFilled size={20} />
-              </ActionIcon>
+            <ActionIcon
+              variant="subtle"
+              color="gray"
+              size="lg"
+              onClick={playPrev}
+              title="Previous"
+            >
+              <IconPlayerSkipBackFilled size={20} />
+            </ActionIcon>

-              <ActionIcon
-                variant="filled"
-                color={isPlaying ? 'blue' : 'gray'}
-                size="xl"
-                radius="xl"
-                onClick={togglePlayPause}
-                title={isPlaying ? 'Pause' : 'Play'}
-              >
-                {isPlaying ? (
-                  <IconPlayerPauseFilled size={24} />
-                ) : (
-                  <IconPlayerPlayFilled size={24} />
-                )}
-              </ActionIcon>
+            <ActionIcon
+              variant="filled"
+              color={isPlaying ? 'blue' : 'gray'}
+              size="xl"
+              radius="xl"
+              onClick={togglePlayPause}
+              title={isPlaying ? 'Pause' : 'Play'}
+            >
+              {isPlaying ? (
+                <IconPlayerPauseFilled size={24} />
+              ) : (
+                <IconPlayerPlayFilled size={24} />
+              )}
+            </ActionIcon>

-              <ActionIcon
-                variant="subtle"
-                color="gray"
-                size="lg"
-                onClick={playNext}
-                title="Next"
-              >
-                <IconPlayerSkipForwardFilled size={20} />
-              </ActionIcon>
+            <ActionIcon
+              variant="subtle"
+              color="gray"
+              size="lg"
+              onClick={playNext}
+              title="Next"
+            >
+              <IconPlayerSkipForwardFilled size={20} />
+            </ActionIcon>

-              <ActionIcon
-                variant="subtle"
-                color={isRepeat ? 'blue' : 'gray'}
-                size="lg"
-                onClick={toggleRepeat}
-                title={isRepeat ? 'Repeat On' : 'Repeat Off'}
-              >
-                {isRepeat ? <IconRepeat size={18} /> : <IconRepeatOff size={18} />}
-              </ActionIcon>
-            </Group>
-
-            {/* Progress Bar - Desktop */}
-            <Box w={200} display={{ base: 'none', md: 'block' }}>
-              <Slider
-                value={currentTime}
-                max={duration || 100}
-                onChange={handleSeek}
-                size="sm"
-                color="blue"
-                label={(value) => formatTime(value)}
-              />
-            </Box>
+            <ActionIcon
+              variant="subtle"
+              color={isRepeat ? 'blue' : 'gray'}
+              size="lg"
+              onClick={toggleRepeat}
+              title={isRepeat ? 'Repeat On' : 'Repeat Off'}
+            >
+              {isRepeat ? <IconRepeat size={18} /> : <IconRepeatOff size={18} />}
+            </ActionIcon>
          </Group>

-          {/* Right Controls - Volume + Close */}
-          <Group gap="xs" flex={1} justify="flex-end">
+          {/* Progress Bar - Desktop */}
+          <Box w={200} display={{ base: 'none', md: 'block' }}>
+            <Slider
+              value={currentTime}
+              max={duration || 100}
+              onChange={handleSeek}
+              size="sm"
+              color="blue"
+              label={(value) => formatTime(value)}
+            />
+          </Box>
+
+          {/* Right Controls */}
+          <Group gap="xs">
            <Box
              onMouseEnter={() => setShowVolume(true)}
              onMouseLeave={() => setShowVolume(false)}
@@ -289,8 +241,8 @@ export default function FixedPlayerBar() {
              variant="subtle"
              color="gray"
              size="lg"
-              onClick={handleMinimizePlayer}
-              title="Minimize player"
+              onClick={handleClosePlayer}
+              title="Close player"
            >
              <IconX size={18} />
            </ActionIcon>
--- a/src/app/darmasaba/_com/NewsReaderalanding.tsx
+++ b/src/app/darmasaba/_com/NewsReaderalanding.tsx
@@ -1,6 +1,6 @@
 'use client';
 import { Button } from '@mantine/core';
-import { IconDisabled, IconDisabledOff } from '@tabler/icons-react';
+import { IconMusic, IconMusicOff } from '@tabler/icons-react';
 import { useEffect, useRef, useState } from 'react';

 const NewsReaderLanding = () => {
@@ -95,17 +95,15 @@ const NewsReaderLanding = () => {
      mt="md"
      style={{
        position: 'fixed',
-        top: '50%', // Menempatkan titik atas ikon di tengah layar
+        bottom: '350px',
        left: '0px',
-        transform: 'translateY(80%)', // Menggeser ikon ke atas sebesar setengah tingginya sendiri agar benar-benar di tengah
        borderBottomRightRadius: '20px',
        borderTopRightRadius: '20px',
-        cursor: 'pointer',
-        transition: 'transform 0.2s',
+        transition: 'all 0.3s ease',
        zIndex: 1
      }}
    >
-      {isPointerMode ? <IconDisabledOff /> : <IconDisabled />}
+      {isPointerMode ? <IconMusicOff /> : <IconMusic />}
    </Button>
  );
 };
--- a/src/app/darmasaba/_com/main-page/apbdes/lib/grafikRealisasi.tsx
+++ b/src/app/darmasaba/_com/main-page/apbdes/lib/grafikRealisasi.tsx
@@ -1,27 +1,12 @@
 /* eslint-disable @typescript-eslint/no-explicit-any */
 import { Paper, Title, Progress, Stack, Text, Group, Box } from '@mantine/core';

-interface APBDesItem {
-  tipe: string | null;
-  anggaran: number;
-  realisasi?: number;
-  totalRealisasi?: number;
-}
-
-interface SummaryProps {
-  title: string;
-  data: APBDesItem[];
-}
-
-function Summary({ title, data }: SummaryProps) {
+function Summary({ title, data }: any) {
  if (!data || data.length === 0) return null;

-  const totalAnggaran = data.reduce((s: number, i: APBDesItem) => s + i.anggaran, 0);
+  const totalAnggaran = data.reduce((s: number, i: any) => s + i.anggaran, 0);
  // Use realisasi field (already mapped from totalRealisasi in transformAPBDesData)
-  const totalRealisasi = data.reduce(
-    (s: number, i: APBDesItem) => s + (i.realisasi || i.totalRealisasi || 0),
-    0
-  );
+  const totalRealisasi = data.reduce((s: number, i: any) => s + (i.realisasi || i.totalRealisasi || 0), 0);

  const persen =
    totalAnggaran > 0 ? (totalRealisasi / totalAnggaran) * 100 : 0;
@@ -93,21 +78,28 @@ function Summary({ title, data }: SummaryProps) {
  );
 }

-export default function GrafikRealisasi({
-  apbdesData,
-}: {
-  apbdesData: {
-    tahun?: number | null;
-    items?: APBDesItem[] | null;
-    [key: string]: any;
-  };
-}) {
-  const items = apbdesData?.items || [];
-  const tahun = apbdesData?.tahun || new Date().getFullYear();
+export default function GrafikRealisasi({ apbdesData }: any) {
+  const items = apbdesData.items || [];
+  const tahun = apbdesData.tahun || new Date().getFullYear();

-  const pendapatan = items.filter((i: APBDesItem) => i.tipe === 'pendapatan');
-  const belanja = items.filter((i: APBDesItem) => i.tipe === 'belanja');
-  const pembiayaan = items.filter((i: APBDesItem) => i.tipe === 'pembiayaan');
+  const pendapatan = items.filter((i: any) => i.tipe === 'pendapatan');
+  const belanja = items.filter((i: any) => i.tipe === 'belanja');
+  const pembiayaan = items.filter((i: any) => i.tipe === 'pembiayaan');
+
+  // Hitung total keseluruhan
+  const totalAnggaranSemua = items.reduce((s: number, i: any) => s + i.anggaran, 0);
+  // Use realisasi field (already mapped from totalRealisasi in transformAPBDesData)
+  const totalRealisasiSemua = items.reduce((s: number, i: any) => s + (i.realisasi || i.totalRealisasi || 0), 0);
+  const persenSemua = totalAnggaranSemua > 0 ? (totalRealisasiSemua / totalAnggaranSemua) * 100 : 0;
+
+  const formatRupiah = (angka: number) => {
+    return new Intl.NumberFormat('id-ID', {
+      style: 'currency',
+      currency: 'IDR',
+      minimumFractionDigits: 0,
+      maximumFractionDigits: 0,
+    }).format(angka);
+  };

  return (
    <Paper withBorder p="md" radius="md">
@@ -120,6 +112,27 @@ export default function GrafikRealisasi({
        <Summary title="💸 Belanja" data={belanja} />
        <Summary title="📊 Pembiayaan" data={pembiayaan} />
      </Stack>
+
+      {/* Summary Total Keseluruhan */}
+      <Box p="md" bg="gray.0">
+        <>
+          <Group justify="space-between" mb="xs">
+            <Text fw={700} fz="lg">TOTAL KESELURUHAN</Text>
+            <Text fw={700} fz="xl" c={persenSemua >= 100 ? 'teal' : persenSemua >= 80 ? 'blue' : 'red'}>
+              {persenSemua.toFixed(2)}%
+            </Text>
+          </Group>
+          <Text fz="sm" c="dimmed" mb="xs">
+            {formatRupiah(totalRealisasiSemua)} / {formatRupiah(totalAnggaranSemua)}
+          </Text>
+          <Progress
+            value={persenSemua}
+            size="lg"
+            radius="xl"
+            color={persenSemua >= 100 ? 'teal' : persenSemua >= 80 ? 'blue' : 'red'}
+          />
+        </>
+      </Box>
    </Paper>
  );
 }
--- a/src/app/layout.tsx
+++ b/src/app/layout.tsx
@@ -1,5 +1,5 @@
 import "@mantine/core/styles.css";
-import "./globals.css"; // Sisanya import di globals.css
+import "./globals.css";

 import LoadDataFirstClient from "@/app/darmasaba/_com/LoadDataFirstClient";
 import { MusicProvider } from "@/app/context/MusicContext";
@@ -8,7 +8,6 @@ import {
  MantineProvider,
  createTheme,
  mantineHtmlProps,
-  // mantineHtmlProps,
 } from "@mantine/core";
 import { Metadata, Viewport } from "next";
 import { ViewTransitions } from "next-view-transitions";
@@ -99,13 +98,13 @@ export default function RootLayout({
  children: React.ReactNode;
 }) {
  return (
-    <html lang="id" {...mantineHtmlProps}>
-      <head>
-        <meta charSet="utf-8" />
-        <ColorSchemeScript defaultColorScheme="light" />
-      </head>
-      <body>
-        <ViewTransitions>
+    <ViewTransitions>
+      <html lang="id" {...mantineHtmlProps}>
+        <head>
+          <meta charSet="utf-8" />
+          <ColorSchemeScript defaultColorScheme="light" />
+        </head>
+        <body>
          <MusicProvider>
            <MantineProvider theme={theme} defaultColorScheme="light">
              {children}
@@ -117,8 +116,8 @@ export default function RootLayout({
              />
            </MantineProvider>
          </MusicProvider>
-        </ViewTransitions>
-      </body>
-    </html>
+        </body>
+      </html>
+    </ViewTransitions>
  );
 }
--- a/src/app/terms-of-service/page.tsx
+++ b/src/app/terms-of-service/page.tsx
@@ -16,7 +16,6 @@ function Page() {
            dengan ketentuan ini, harap jangan gunakan Website.
          </Text>
        </Paper>
-        

        <Box>
          <Title order={2} size="h2" fw={700} c="blue.9" mb="md">
--- a/src/lib/wa-service.ts
+++ b/src/lib/wa-service.ts
@@ -0,0 +1,122 @@
+/**
+ * WhatsApp Service - Send OTP via WhatsApp using otp.wibudev.com API
+ * Uses API Key authentication for secure access
+ */
+
+interface SendWaOtpParams {
+  nomor: string;
+  message: string;
+}
+
+interface SendWaOtpResponse {
+  success: boolean;
+  message?: string;
+  data?: any;
+}
+
+/**
+ * Send WhatsApp message using wibudev.com API with authentication
+ * @param params - { nomor: string, message: string }
+ * @returns Promise<SendWaOtpResponse>
+ */
+export async function sendWhatsAppOtp({
+  nomor,
+  message,
+}: SendWaOtpParams): Promise<SendWaOtpResponse> {
+  const apiKey = process.env.WIBU_WA_API_KEY;
+  const waApiUrl = process.env.WIBU_WA_API_URL || 'https://wa.wibudev.com';
+
+  if (!apiKey) {
+    console.error('❌ WIBU_WA_API_KEY is not configured');
+    return {
+      success: false,
+      message: 'WhatsApp API key not configured',
+    };
+  }
+
+  try {
+    // Using the API endpoint with authentication
+    // Format: GET https://wa.wibudev.com/code?nom=...&text=...
+    // With Authorization header for API key
+    const url = `${waApiUrl}/code?nom=${encodeURIComponent(nomor)}&text=${encodeURIComponent(message)}`;
+    
+    const response = await fetch(url, {
+      method: 'GET',
+      headers: {
+        'Authorization': `Bearer ${apiKey}`,
+        'X-API-Key': apiKey,
+      },
+    });
+
+    const result = await response.json();
+
+    if (!response.ok) {
+      console.error('❌ WA API Error:', result);
+      return {
+        success: false,
+        message: result.message || 'Failed to send WhatsApp message',
+        data: result,
+      };
+    }
+
+    // Check if response has success status
+    if (result.status !== 'success') {
+      console.error('❌ WA API Status Error:', result);
+      return {
+        success: false,
+        message: result.message || 'Failed to send WhatsApp message',
+        data: result,
+      };
+    }
+
+    console.log('✅ WA Response:', result);
+    return {
+      success: true,
+      message: 'WhatsApp sent successfully',
+      data: result,
+    };
+  } catch (error) {
+    console.error('❌ Fetch WA API Error:', error);
+    return {
+      success: false,
+      message: error instanceof Error ? error.message : 'Unknown error occurred',
+    };
+  }
+}
+
+/**
+ * Legacy function for backward compatibility (deprecated)
+ * @deprecated Use sendWhatsAppOtp instead
+ */
+export async function sendWhatsAppOtpLegacy({
+  nomor,
+  message,
+}: SendWaOtpParams): Promise<SendWaOtpResponse> {
+  const waUrl = `https://wa.wibudev.com/code?nom=${encodeURIComponent(nomor)}&text=${encodeURIComponent(message)}`;
+
+  try {
+    const res = await fetch(waUrl);
+    const result = await res.json();
+
+    if (result.status !== 'success') {
+      console.error('❌ WA Legacy Error:', result);
+      return {
+        success: false,
+        message: result.message || 'Failed to send WhatsApp message',
+        data: result,
+      };
+    }
+
+    return {
+      success: true,
+      message: 'WhatsApp sent successfully',
+      data: result,
+    };
+  } catch (error) {
+    console.error('❌ Fetch WA Legacy Error:', error);
+    return {
+      success: false,
+      message: error instanceof Error ? error.message : 'Unknown error occurred',
+    };
+  }
+}