Test C 1

Reviewed-on: http://wibugit.wibudev.com/wibu/desa-darmasaba/pulls/23

prisma/data/user/users.json

@@ -0,0 +1,10 @@
+[
+  {
+    "id": "cmie1o0zh0002vn132vtzg7hh",
+    "username": "SuperAdmin-Nico",
+    "nomor": "6289647037426",
+    "roleId": 0,
+    "isActive": true,
+    "sessionInvalid": false
+  }
+]

prisma/schema.prisma

@@ -2163,20 +2163,20 @@ enum StatusPeminjaman {
 // ========================================= USER ========================================= //
 
 model User {
-  id             String    @id @default(cuid())
+  id             String           @id @default(cuid())
   username       String
-  nomor          String    @unique
-  roleId         String     @default("2")
-  isActive       Boolean   @default(false)
-  sessionInvalid Boolean   @default(false)
+  nomor          String           @unique
+  roleId         String           @default("2")
+  isActive       Boolean          @default(false)
+  sessionInvalid Boolean          @default(false)
   lastLogin      DateTime?
-  createdAt      DateTime  @default(now())
-  updatedAt      DateTime  @default(now()) @updatedAt
-  
-  sessions       UserSession[]  // ✅ Relasi one-to-many
-  role           Role           @relation(fields: [roleId], references: [id])
+  createdAt      DateTime         @default(now())
+  updatedAt      DateTime         @default(now()) @updatedAt
+  permissions    Json?
+  sessions       UserSession[] // ✅ Relasi one-to-many
+  role           Role             @relation(fields: [roleId], references: [id])
   menuAccesses   UserMenuAccess[]
-  
+
   @@map("users")
 }
 
@@ -2184,6 +2184,7 @@ model Role {
   id          String    @id @default(cuid())
   name        String    @unique // ADMIN_DESA, ADMIN_KESEHATAN, ADMIN_SEKOLAH
   description String?
+  permissions Json?
   isActive    Boolean   @default(true)
   createdAt   DateTime  @default(now())
   updatedAt   DateTime  @updatedAt
@@ -2203,18 +2204,18 @@ model KodeOtp {
 }
 
 model UserSession {
-  id        String    @id @default(cuid())
-  token     String    @db.Text  // ✅ JWT bisa panjang
-  expiresAt DateTime              // ✅ Ubah jadi expiresAt (konsisten)
-  active    Boolean   @default(true)
-  createdAt DateTime  @default(now())
-  updatedAt DateTime  @default(now()) @updatedAt
-  
-  user      User      @relation(fields: [userId], references: [id], onDelete: Cascade)
-  userId    String    // ✅ HAPUS @unique - user bisa punya multiple sessions
-  
-  @@index([userId])           // ✅ Index untuk query cepat
-  @@index([token])            // ✅ Index untuk verify cepat
+  id        String   @id @default(cuid())
+  token     String   @db.Text // ✅ JWT bisa panjang
+  expiresAt DateTime // ✅ Ubah jadi expiresAt (konsisten)
+  active    Boolean  @default(true)
+  createdAt DateTime @default(now())
+  updatedAt DateTime @default(now()) @updatedAt
+
+  user   User   @relation(fields: [userId], references: [id], onDelete: Cascade)
+  userId String // ✅ HAPUS @unique - user bisa punya multiple sessions
+
+  @@index([userId]) // ✅ Index untuk query cepat
+  @@index([token]) // ✅ Index untuk verify cepat
   @@map("user_sessions")
 }
 

prisma/seed.ts

@@ -1,3 +1,4 @@
+/* eslint-disable @typescript-eslint/no-explicit-any */
 /* eslint-disable @typescript-eslint/no-unused-vars */
 import prisma from "@/lib/prisma";
 import profilePejabatDesa from "./data/landing-page/profile/profile.json";
@@ -57,46 +58,107 @@ import roles from "./data/user/roles.json";
 import fileStorage from "./data/file-storage.json";
 import jenjangPendidikan from "./data/pendidikan/info-sekolah/jenjang-pendidikan.json";
 import seedAssets from "./seed_assets";
+import users from "./data/user/users.json";
 import { safeSeedUnique } from "./safeseedUnique";
 
 (async () => {
-  // =========== ROLE ===========
-  // In your seed.ts
-  // =========== ROLES ===========
   console.log("🔄 Seeding roles...");
-  for (const r of roles) {
-    await safeSeedUnique("role", { id: r.id }, {
-      name: r.name,
-      description: r.description,
-      isActive: r.isActive,
-    });
-  }
 
-  console.log("✅ Roles seeded");
+  for (const r of roles) {
+    try {
+      // ✅ Destructure to remove permissions if exists
+      const { permissions, ...roleData } = r as any;
+
+      await safeSeedUnique(
+        "role",
+        { name: roleData.name },
+        {
+          id: roleData.id,
+          name: roleData.name,
+          description: roleData.description,
+          permissions: roleData.permissions || {}, // ✅ Include permissions
+          isActive: roleData.isActive,
+        }
+      );
+      console.log(`✅ Seeded role -> ${roleData.name}`);
+    } catch (error: any) {
+      if (error.code === "P2002") {
+        console.warn(`⚠️ Role already exists (skipping): ${r.name}`);
+      } else {
+        console.error(`❌ Failed to seed role ${r.name}:`, error.message);
+      }
+    }
+  }
+  console.log("✅ Roles seeding completed");
+
+  // =========== USER ===========
+  console.log("🔄 Seeding users...");
+  for (const u of users) {
+    try {
+      // Verify role exists first
+      const roleExists = await prisma.role.findUnique({
+        where: { id: u.roleId.toString() },
+        select: { id: true }, // Only select id to minimize query
+      });
+
+      if (!roleExists) {
+        console.error(
+          `❌ Role with id ${u.roleId} not found for user ${u.username}`
+        );
+        continue;
+      }
+
+      await safeSeedUnique(
+        "user",
+        { id: u.id },
+        {
+          username: u.username,
+          nomor: u.nomor,
+          roleId: u.roleId.toString(),
+          isActive: u.isActive,
+          sessionInvalid: false,
+        }
+      );
+      console.log(`✅ Seeded user -> ${u.username}`);
+    } catch (error: any) {
+      if (error.code === "P2003") {
+        console.error(
+          `❌ Foreign key constraint failed for user ${u.username}: Role ${u.roleId} does not exist`
+        );
+      } else {
+        console.error(`❌ Failed to seed user ${u.username}:`, error.message);
+      }
+    }
+  }
+  console.log("✅ Users seeding completed");
 
   // =========== FILE STORAGE ===========
   console.log("🔄 Seeding file storage...");
   for (const f of fileStorage) {
-    await prisma.fileStorage.upsert({
-      where: { id: f.id },
-      update: {
-        name: f.name,
-        realName: f.realName,
-        path: f.path,
-        mimeType: f.mimeType,
-        link: f.link,
-        category: f.category,
-      },
-      create: {
-        id: f.id,
-        name: f.name,
-        realName: f.realName,
-        path: f.path,
-        mimeType: f.mimeType,
-        link: f.link,
-        category: f.category,
-      },
-    });
+    try {
+      await prisma.fileStorage.upsert({
+        where: { id: f.id },
+        update: {
+          name: f.name,
+          realName: f.realName,
+          path: f.path,
+          mimeType: f.mimeType,
+          link: f.link,
+          category: f.category,
+        },
+        create: {
+          id: f.id,
+          name: f.name,
+          realName: f.realName,
+          path: f.path,
+          mimeType: f.mimeType,
+          link: f.link,
+          category: f.category,
+        },
+      });
+    } catch (error: any) {
+      console.error(`❌ Failed to seed file storage ${f.name}:`, error.message);
+    }
   }
   console.log("✅ File storage seeded");
   // =========== LANDING PAGE ===========
@@ -515,15 +577,40 @@ import { safeSeedUnique } from "./safeseedUnique";
   console.log("posisi organisasi berhasil");
 
   // =========== PEGAWAI PPID ===========
+  console.log("🔄 Seeding pegawai PPID...");
   const flattenedPegawai = pegawaiPPID.flat();
+
+  // Check for duplicate emails
+  const emails = new Set();
   for (const p of flattenedPegawai) {
-    await prisma.pegawaiPPID.upsert({
-      where: { id: p.id },
-      update: p,
-      create: p,
-    });
+    if (emails.has(p.email)) {
+      console.warn(`⚠️ Duplicate email found in pegawaiPPID: ${p.email}`);
+    }
+    emails.add(p.email);
   }
-  console.log("pegawai berhasil");
+
+  for (const p of flattenedPegawai) {
+    try {
+      await prisma.pegawaiPPID.upsert({
+        where: { id: p.id },
+        update: p,
+        create: p,
+      });
+      console.log(`✅ Seeded pegawai PPID -> ${p.namaLengkap}`);
+    } catch (error: any) {
+      if (error.code === "P2002") {
+        console.warn(
+          `⚠️ Pegawai PPID with duplicate email (skipping): ${p.email}`
+        );
+      } else {
+        console.error(
+          `❌ Failed to seed pegawai PPID ${p.namaLengkap}:`,
+          error.message
+        );
+      }
+    }
+  }
+  console.log("✅ pegawai PPID seeding completed");
 
   // =========== SUBMENU VISI MISI PPID ===========
 
@@ -787,7 +874,9 @@ import { safeSeedUnique } from "./safeseedUnique";
   const flattenedPosisiBumdes = posisiOrganisasi.flat();
 
   // ✅ Urutkan berdasarkan hierarki
-  const sortedPosisiBumdes = flattenedPosisiBumdes.sort((a, b) => a.hierarki - b.hierarki);
+  const sortedPosisiBumdes = flattenedPosisiBumdes.sort(
+    (a, b) => a.hierarki - b.hierarki
+  );
 
   for (const p of sortedPosisiBumdes) {
     console.log(`Seeding: ${p.nama} (id: ${p.id}, parent: ${p.parentId})`);
@@ -867,7 +956,7 @@ import { safeSeedUnique } from "./safeseedUnique";
   // Add IDs to the kategoriKegiatan data
   const kategoriKegiatan = kategoriKegiatanData.map((k, index) => ({
     ...k,
-    id: `kategori-${index + 1}`
+    id: `kategori-${index + 1}`,
   }));
 
   for (const k of kategoriKegiatan) {
@@ -1159,7 +1248,6 @@ import { safeSeedUnique } from "./safeseedUnique";
 
   // seed assets
   await seedAssets();
-
 })()
   .then(() => prisma.$disconnect())
   .catch((e) => {

src/app/admin/(dashboard)/auth/login-admin/page.tsx

@@ -15,7 +15,9 @@ function Login() {
 
   // Login.tsx
   async function onLogin() {
+
     const cleanPhone = phone.replace(/\D/g, '');
+    console.log(cleanPhone);
     if (cleanPhone.length < 10) {
       toast.error('Nomor telepon tidak valid');
       return;
@@ -25,6 +27,8 @@ function Login() {
       setLoading(true);
       const response = await apiFetchLogin({ nomor: cleanPhone });
 
+      console.log(response);
+
       if (!response.success) {
         toast.error(response.message || 'Gagal memproses login');
         return;
@@ -32,11 +36,12 @@ function Login() {
 
       // Simpan nomor untuk register
       localStorage.setItem('auth_nomor', cleanPhone);
-
       if (response.isRegistered) {
-        // ✅ User lama: simpan kodeId & ke validasi
+        // ✅ User lama: simpan kodeId
         localStorage.setItem('auth_kodeId', response.kodeId);
-        router.push('/validasi');
+
+        // ✅ Cookie sudah di-set oleh API, langsung redirect
+        router.push('/validasi'); // Clean URL
       } else {
         // ❌ User baru: langsung ke registrasi (tanpa kodeId)
         router.push('/registrasi');

src/app/admin/(dashboard)/auth/validasi-admin/page.tsx

@@ -19,17 +19,34 @@ import { authStore } from '@/store/authStore';
 
 export default function Validasi() {
   const router = useRouter();
+
   const [nomor, setNomor] = useState<string | null>(null);
   const [otp, setOtp] = useState('');
   const [loading, setLoading] = useState(false);
   const [isLoading, setIsLoading] = useState(true);
   const [kodeId, setKodeId] = useState<string | null>(null);
-  const [isRegistrationFlow, setIsRegistrationFlow] = useState(false); // Tambahkan flag
+  const [isRegistrationFlow, setIsRegistrationFlow] = useState(false);
 
-  // Cek apakah ini alur registrasi
+  // ✅ Deteksi flow dari cookie via API
   useEffect(() => {
-    const storedUsername = localStorage.getItem('auth_username');
-    setIsRegistrationFlow(!!storedUsername);
+    const checkFlow = async () => {
+      try {
+        const res = await fetch('/api/get-flow', {
+          credentials: 'include'
+        });
+        const data = await res.json();
+
+        if (data.success) {
+          setIsRegistrationFlow(data.flow === 'register');
+          console.log('🔍 Flow detected from cookie:', data.flow);
+        }
+      } catch (error) {
+        console.error('❌ Error getting flow:', error);
+        setIsRegistrationFlow(false);
+      }
+    };
+
+    checkFlow();
   }, []);
 
   useEffect(() => {
@@ -43,7 +60,7 @@ export default function Validasi() {
     setKodeId(storedKodeId);
     const loadOtpData = async () => {
       try {
-        const res = await fetch(`/api/auth/otp-data?kodeId=${encodeURIComponent(storedKodeId)}`);
+        const res = await fetch(`/api/otp-data?kodeId=${encodeURIComponent(storedKodeId)}`);
         const result = await res.json();
 
         if (res.ok && result.data?.nomor) {
@@ -68,10 +85,8 @@ export default function Validasi() {
     setLoading(true);
     try {
       if (isRegistrationFlow) {
-        // 🔑 Alur REGISTRASI
         await handleRegistrationVerification();
       } else {
-        // 🔑 Alur LOGIN
         await handleLoginVerification();
       }
     } catch (error) {
@@ -82,71 +97,62 @@ export default function Validasi() {
     }
   };
 
-  // ✅ Verifikasi OTP untuk REGISTRASI
   const handleRegistrationVerification = async () => {
     const username = localStorage.getItem('auth_username');
     if (!username) {
-      toast.error('Data registrasi tidak ditemukan. Silakan ulangi dari awal.');
+      toast.error('Data registrasi tidak ditemukan.');
       return;
     }
 
-    // ✅ Validasi format
     const cleanNomor = nomor?.replace(/\D/g, '') ?? '';
-    if (cleanNomor.length < 10) {
-      toast.error('Nomor tidak valid');
+    if (cleanNomor.length < 10 || username.trim().length < 5) {
+      toast.error('Data tidak valid');
       return;
     }
 
-    if (username.trim().length < 5) {
-      toast.error('Username minimal 5 karakter');
-      return;
-    }
-
-    // 1. Verifikasi OTP via endpoint register
+    // ✅ Verify OTP
     const verifyRes = await fetch('/api/auth/verify-otp-register', {
       method: 'POST',
       headers: { 'Content-Type': 'application/json' },
       body: JSON.stringify({ nomor: cleanNomor, otp, kodeId }),
+      credentials: 'include'
     });
 
     const verifyData = await verifyRes.json();
-
     if (!verifyRes.ok) {
       toast.error(verifyData.message || 'Verifikasi OTP gagal');
       return;
     }
 
-    // 2. Finalisasi registrasi
     const finalizeRes = await fetch('/api/auth/finalize-registration', {
       method: 'POST',
       headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify({ nomor, username, kodeId }), // 🔴 Tidak perlu kirim `otp` ke sini
+      body: JSON.stringify({ nomor: cleanNomor, username, kodeId }),
+      credentials: 'include'
     });
 
-    const finalizeData = await finalizeRes.json();
+    const data = await finalizeRes.json();
 
-    if (!finalizeRes.ok) {
-      toast.error(finalizeData.message || 'Registrasi gagal');
-      return;
+    // ✅ Check JSON response (bukan redirect)
+    if (data.success) {
+      toast.success('Registrasi berhasil! Menunggu persetujuan admin.');
+      await cleanupStorage();
+
+      // ✅ Client-side redirect
+      setTimeout(() => {
+        window.location.href = '/waiting-room';
+      }, 1000);
+    } else {
+      toast.error(data.message || 'Registrasi gagal');
     }
-
-    // 3. Set user & redirect
-    authStore.setUser({
-      id: finalizeData.user.id,
-      name: finalizeData.user.name,
-      roleId: Number(finalizeData.user.roleId),
-    });
-
-    cleanupStorage();
-    window.location.href = '/waiting-room';
   };
 
-  // ✅ Verifikasi OTP untuk LOGIN
   const handleLoginVerification = async () => {
-    const loginRes = await fetch('/api/auth/verify-otp-login', {
+    const loginRes = await fetch('/api/verify-otp-login', {
       method: 'POST',
       headers: { 'Content-Type': 'application/json' },
       body: JSON.stringify({ nomor, otp, kodeId }),
+      credentials: 'include'
     });
 
     const loginData = await loginRes.json();
@@ -164,7 +170,8 @@ export default function Validasi() {
       roleId: Number(roleId),
     });
 
-    cleanupStorage();
+    // ✅ Cleanup setelah login sukses
+    await cleanupStorage();
 
     if (!isActive) {
       window.location.href = '/waiting-room';
@@ -177,29 +184,41 @@ export default function Validasi() {
 
   const getRedirectPath = (roleId: number): string => {
     switch (roleId) {
-      case 0: // DEVELOPER
-      case 1: // SUPERADMIN
-      case 2: // ADMIN_DESA
+      case 0:
+      case 1:
+      case 2:
         return '/admin/landing-page/profil/program-inovasi';
-      case 3: // ADMIN_KESEHATAN
+      case 3:
         return '/admin/kesehatan/posyandu';
-      case 4: // ADMIN_PENDIDIKAN
+      case 4:
         return '/admin/pendidikan/info-sekolah/jenjang-pendidikan';
       default:
         return '/admin';
     }
   };
 
-  const cleanupStorage = () => {
+  // ✅ CLEANUP FUNCTION - Hapus localStorage + Cookie
+  const cleanupStorage = async () => {
+    // Clear localStorage
     localStorage.removeItem('auth_kodeId');
     localStorage.removeItem('auth_nomor');
     localStorage.removeItem('auth_username');
+
+    // Clear cookie
+    try {
+      await fetch('/api/clear-flow', {
+        method: 'POST',
+        credentials: 'include'
+      });
+    } catch (error) {
+      console.error('Error clearing flow cookie:', error);
+    }
   };
 
   const handleResend = async () => {
     if (!nomor) return;
     try {
-      const res = await fetch('/api/auth/resend', {
+      const res = await fetch('/api/resend', {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
         body: JSON.stringify({ nomor }),

src/app/admin/layout.tsx

@@ -1,3 +1,399 @@
+// 'use client'
+
+// import colors from "@/con/colors";
+// import { authStore } from "@/store/authStore";
+// import {
+//   ActionIcon,
+//   AppShell,
+//   AppShellHeader,
+//   AppShellMain,
+//   AppShellNavbar,
+//   Burger,
+//   Center,
+//   Flex,
+//   Group,
+//   Image,
+//   Loader,
+//   NavLink,
+//   ScrollArea,
+//   Text,
+//   Tooltip,
+//   rem
+// } from "@mantine/core";
+// import { useDisclosure } from "@mantine/hooks";
+// import {
+//   IconChevronLeft,
+//   IconChevronRight,
+//   IconLogout2
+// } from "@tabler/icons-react";
+// import _ from "lodash";
+// import Link from "next/link";
+// import { useRouter, useSelectedLayoutSegments } from "next/navigation";
+// import { useEffect, useState } from "react";
+// // import { useSnapshot } from "valtio";
+// import { getNavbar } from "./(dashboard)/user&role/_com/dynamicNavbar";
+
+// export default function Layout({ children }: { children: React.ReactNode }) {
+//   const [opened, { toggle }] = useDisclosure();
+//   const [loading, setLoading] = useState(true);
+//   const [isLoggingOut, setIsLoggingOut] = useState(false);
+//   const [desktopOpened, { toggle: toggleDesktop }] = useDisclosure(true);
+//   const router = useRouter();
+//   const segments = useSelectedLayoutSegments().map((s) => _.lowerCase(s));
+
+//   // const { user } = useSnapshot(authStore);
+
+//   // console.log("Current user in store:", user);
+
+//   // ✅ FIX: Selalu fetch user data setiap kali komponen mount
+//   useEffect(() => {
+//     const fetchUser = async () => {
+//       try {
+//         const res = await fetch('/api/auth/me');
+//         const data = await res.json();
+
+//         if (data.user) {
+//           // ✅ Check if user is NOT active → redirect to waiting room
+//           if (!data.user.isActive) {
+//             authStore.setUser(null);
+//             router.replace('/waiting-room');
+//             return;
+//           }
+
+//           // ✅ Fetch menuIds
+//           const menuRes = await fetch(`/api/admin/user-menu-access?userId=${data.user.id}`);
+//           const menuData = await menuRes.json();
+
+//           const menuIds = menuData.success && Array.isArray(menuData.menuIds)
+//             ? [...menuData.menuIds]
+//             : null;
+
+//           // ✅ Set user dengan menuIds yang fresh
+//           authStore.setUser({
+//             id: data.user.id,
+//             name: data.user.name,
+//             roleId: Number(data.user.roleId),
+//             menuIds,
+//             isActive: data.user.isActive
+//           });
+
+//           // ✅ TAMBAHKAN INI: Redirect ke dashboard sesuai roleId
+//           const currentPath = window.location.pathname;
+//           const expectedPath = getRedirectPath(Number(data.user.roleId));
+
+//           // Jika user di halaman /admin tapi bukan di path yang sesuai roleId
+//           if (currentPath === '/admin' || !currentPath.startsWith(expectedPath)) {
+//             router.replace(expectedPath);
+//           }
+
+//         } else {
+//           authStore.setUser(null);
+//           router.replace('/login');
+//         }
+//       } catch (error) {
+//         console.error('Gagal memuat data pengguna:', error);
+//         authStore.setUser(null);
+//         router.replace('/login');
+//       } finally {
+//         setLoading(false);
+//       }
+//     };
+
+//     fetchUser();
+//   }, [router]);
+
+//   // ✅ Fungsi helper untuk get redirect path
+//   const getRedirectPath = (roleId: number): string => {
+//     switch (roleId) {
+//       case 0: // DEVELOPER
+//       case 1: // SUPERADMIN
+//       case 2: // ADMIN_DESA
+//         return '/admin/landing-page/profil/program-inovasi';
+//       case 3: // ADMIN_KESEHATAN
+//         return '/admin/kesehatan/posyandu';
+//       case 4: // ADMIN_PENDIDIKAN
+//         return '/admin/pendidikan/info-sekolah/jenjang-pendidikan';
+//       default:
+//         return '/admin';
+//     }
+//   };
+
+//   if (loading) {
+//     return (
+//       <AppShell>
+//         <AppShellMain>
+//           <Center h="100vh">
+//             <Loader />
+//           </Center>
+//         </AppShellMain>
+//       </AppShell>
+//     );
+//   }
+
+//   // ✅ Ambil menu berdasarkan roleId dan menuIds
+//   const currentNav = authStore.user
+//     ? getNavbar({ roleId: authStore.user.roleId, menuIds: authStore.user.menuIds })
+//     : [];
+
+//   const handleLogout = async () => {
+//     try {
+//       setIsLoggingOut(true);
+
+//       // ✅ Panggil API logout untuk clear session di server
+//       const response = await fetch('/api/auth/logout', { method: 'POST' });
+//       const result = await response.json();
+
+//       if (result.success) {
+//         // Clear user data dari store
+//         authStore.setUser(null);
+
+//         // Clear localStorage
+//         localStorage.removeItem('auth_nomor');
+//         localStorage.removeItem('auth_kodeId');
+
+//         // Force reload untuk reset semua state
+//         window.location.href = '/login';
+//       } else {
+//         console.error('Logout failed:', result.message);
+//         // Tetap redirect meskipun gagal
+//         authStore.setUser(null);
+//         window.location.href = '/login';
+//       }
+//     } catch (error) {
+//       console.error('Error during logout:', error);
+//       // Tetap clear store dan redirect jika error
+//       authStore.setUser(null);
+//       window.location.href = '/login';
+//     } finally {
+//       setIsLoggingOut(false);
+//     }
+//   };
+
+//   return (
+//     <AppShell
+//       suppressHydrationWarning
+//       header={{ height: 64 }}
+//       navbar={{
+//         width: { base: 260, sm: 280, lg: 300 },
+//         breakpoint: 'sm',
+//         collapsed: {
+//           mobile: !opened,
+//           desktop: !desktopOpened,
+//         },
+//       }}
+//       padding="md"
+//     >
+//       <AppShellHeader
+//         style={{
+//           background: "linear-gradient(90deg, #ffffff, #f9fbff)",
+//           borderBottom: `1px solid ${colors["blue-button"]}20`,
+//           padding: '0 16px',
+//         }}
+//         px={{ base: 'sm', sm: 'md' }}
+//         py={{ base: 'xs', sm: 'sm' }}
+//       >
+//         <Group w="100%" h="100%" justify="space-between" wrap="nowrap">
+//           <Flex align="center" gap="sm">
+//             <Image
+//               src="/assets/images/darmasaba-icon.png"
+//               alt="Logo Darmasaba"
+//               w={{ base: 32, sm: 40 }}
+//               h={{ base: 32, sm: 40 }}
+//               radius="md"
+//               loading="lazy"
+//               style={{
+//                 minWidth: '32px',
+//                 height: 'auto',
+//               }}
+//             />
+//             <Text
+//               fw={700}
+//               c={colors["blue-button"]}
+//               fz={{ base: 'md', sm: 'xl' }}
+//             >
+//               Admin Darmasaba
+//             </Text>
+//           </Flex>
+
+//           <Group gap="xs">
+//             {!desktopOpened && (
+//               <Tooltip label="Buka Navigasi" position="bottom" withArrow>
+//                 <ActionIcon
+//                   variant="light"
+//                   radius="xl"
+//                   size="lg"
+//                   onClick={toggleDesktop}
+//                   color={colors["blue-button"]}
+//                 >
+//                   <IconChevronRight />
+//                 </ActionIcon>
+//               </Tooltip>
+//             )}
+
+//             <Burger
+//               opened={opened}
+//               onClick={toggle}
+//               hiddenFrom="sm"
+//               size="md"
+//               color={colors["blue-button"]}
+//               mr="xs"
+//             />
+
+//             <Tooltip label="Kembali ke Website Desa" position="bottom" withArrow>
+//               <ActionIcon
+//                 onClick={() => {
+//                   router.push("/darmasaba");
+//                 }}
+//                 color={colors["blue-button"]}
+//                 radius="xl"
+//                 size="lg"
+//                 variant="gradient"
+//                 gradient={{ from: colors["blue-button"], to: "#228be6" }}
+//               >
+//                 <Image
+//                   src="/assets/images/darmasaba-icon.png"
+//                   alt="Logo Darmasaba"
+//                   w={20}
+//                   h={20}
+//                   radius="md"
+//                   loading="lazy"
+//                   style={{
+//                     minWidth: '20px',
+//                     height: 'auto',
+//                   }}
+//                 />
+//               </ActionIcon>
+//             </Tooltip>
+//             <Tooltip label="Keluar" position="bottom" withArrow>
+//               <ActionIcon
+//                 onClick={handleLogout}
+//                 color={colors["blue-button"]}
+//                 radius="xl"
+//                 size="lg"
+//                 variant="gradient"
+//                 gradient={{ from: colors["blue-button"], to: "#228be6" }}
+//                 loading={isLoggingOut}
+//                 disabled={isLoggingOut}
+//               >
+//                 <IconLogout2 size={22} />
+//               </ActionIcon>
+//             </Tooltip>
+//           </Group>
+//         </Group>
+//       </AppShellHeader>
+
+//       <AppShellNavbar
+//         component={ScrollArea}
+//         style={{
+//           background: "#ffffff",
+//           borderRight: `1px solid ${colors["blue-button"]}20`,
+//         }}
+//         p={{ base: 'xs', sm: 'sm' }}
+//       >
+//         <AppShell.Section p="sm">
+//           {currentNav.map((v, k) => {
+//             const isParentActive = segments.includes(_.lowerCase(v.name));
+
+//             return (
+//               <NavLink
+//                 key={k}
+//                 defaultOpened={isParentActive}
+//                 c={isParentActive ? colors["blue-button"] : "gray"}
+//                 label={
+//                   <Text fw={isParentActive ? 600 : 400} fz="sm">
+//                     {v.name}
+//                   </Text>
+//                 }
+//                 style={{
+//                   borderRadius: rem(10),
+//                   marginBottom: rem(4),
+//                   transition: "background 150ms ease",
+//                 }}
+//                 styles={{
+//                   root: {
+//                     '&:hover': {
+//                       backgroundColor: 'rgba(25, 113, 194, 0.05)',
+//                     },
+//                   },
+//                 }}
+//                 variant="light"
+//                 active={isParentActive}
+//               >
+//                 {v.children.map((child, key) => {
+//                   const isChildActive = segments.includes(
+//                     _.lowerCase(child.name)
+//                   );
+
+//                   return (
+//                     <NavLink
+//                       key={key}
+//                       href={child.path}
+//                       c={isChildActive ? colors["blue-button"] : "gray"}
+//                       label={
+//                         <Text fw={isChildActive ? 600 : 400} fz="sm">
+//                           {child.name}
+//                         </Text>
+//                       }
+//                       styles={{
+//                         root: {
+//                           borderRadius: rem(8),
+//                           marginBottom: rem(2),
+//                           transition: 'background 150ms ease',
+//                           padding: '6px 12px',
+//                           '&:hover': {
+//                             backgroundColor: isChildActive ? 'rgba(25, 113, 194, 0.15)' : 'rgba(25, 113, 194, 0.05)',
+//                           },
+//                           ...(isChildActive && {
+//                             backgroundColor: 'rgba(25, 113, 194, 0.1)',
+//                           }),
+//                         },
+//                       }}
+//                       active={isChildActive}
+//                       component={Link}
+//                     />
+//                   );
+//                 })}
+//               </NavLink>
+//             );
+//           })}
+//         </AppShell.Section>
+
+//         <AppShell.Section py="md">
+//           <Group justify="end" pr="sm">
+//             <Tooltip
+//               label={desktopOpened ? "Tutup Navigasi" : "Buka Navigasi"}
+//               position="top"
+//               withArrow
+//             >
+//               <ActionIcon
+//                 variant="light"
+//                 radius="xl"
+//                 size="lg"
+//                 onClick={toggleDesktop}
+//                 color={colors["blue-button"]}
+//               >
+//                 <IconChevronLeft />
+//               </ActionIcon>
+//             </Tooltip>
+//           </Group>
+//         </AppShell.Section>
+//       </AppShellNavbar>
+
+//       <AppShellMain
+//         style={{
+//           background: "linear-gradient(180deg, #fdfdfd, #f6f9fc)",
+//           minHeight: "100vh",
+//         }}
+//       >
+//         {children}
+//       </AppShellMain>
+//     </AppShell>
+//   );
+// }
+
+
+// app/admin/layout.tsx
+
 'use client'
 
 import colors from "@/con/colors";
@@ -30,46 +426,61 @@ import _ from "lodash";
 import Link from "next/link";
 import { useRouter, useSelectedLayoutSegments } from "next/navigation";
 import { useEffect, useState } from "react";
-import { useSnapshot } from "valtio";
 import { getNavbar } from "./(dashboard)/user&role/_com/dynamicNavbar";
 
 export default function Layout({ children }: { children: React.ReactNode }) {
- const [opened, { toggle }] = useDisclosure();
+  const [opened, { toggle }] = useDisclosure();
   const [loading, setLoading] = useState(true);
+  const [isLoggingOut, setIsLoggingOut] = useState(false);
   const [desktopOpened, { toggle: toggleDesktop }] = useDisclosure(true);
   const router = useRouter();
   const segments = useSelectedLayoutSegments().map((s) => _.lowerCase(s));
 
-  const { user } = useSnapshot(authStore);
-
-  console.log("Current user in store:", user);
-
- useEffect(() => {
-    if (authStore.user) {
-      setLoading(false);
-      return;
-    }
-
+  useEffect(() => {
     const fetchUser = async () => {
       try {
-        const res = await fetch('/api/auth/me');
+        const res = await fetch('/api/auth/me', {
+          credentials: 'include' // ✅ ADD credentials
+        });
         const data = await res.json();
 
         if (data.user) {
-          const menuRes = await fetch(`/api/admin/user-menu-access?userId=${data.user.id}`);
+          // ✅ Check if user is NOT active → redirect to waiting room
+          if (!data.user.isActive) {
+            authStore.setUser(null);
+            router.replace('/waiting-room');
+            return;
+          }
+
+          // ✅ Fetch menuIds
+          const menuRes = await fetch(`/api/admin/user-menu-access?userId=${data.user.id}`, {
+            credentials: 'include' // ✅ ADD credentials
+          });
           const menuData = await menuRes.json();
 
-          // ✅ Clone ke array mutable
           const menuIds = menuData.success && Array.isArray(menuData.menuIds)
-            ? [...menuData.menuIds] // Converts readonly array to mutable
+            ? [...menuData.menuIds]
             : null;
 
+          // ✅ Set user dengan menuIds yang fresh
           authStore.setUser({
             id: data.user.id,
             name: data.user.name,
             roleId: Number(data.user.roleId),
             menuIds,
+            isActive: data.user.isActive
           });
+
+          // ✅ IMPROVED: Redirect ONLY if di root /admin
+          const currentPath = window.location.pathname;
+          
+          if (currentPath === '/admin') {
+            const expectedPath = getRedirectPath(Number(data.user.roleId));
+            console.log('🔄 Redirecting from /admin to:', expectedPath);
+            router.replace(expectedPath);
+          }
+          // ✅ Jangan redirect jika user sudah di path yang valid
+
         } else {
           authStore.setUser(null);
           router.replace('/login');
@@ -84,7 +495,22 @@ export default function Layout({ children }: { children: React.ReactNode }) {
     };
 
     fetchUser();
-  }, [router]);
+  }, [router]); // ✅ Only depend on router
+
+  const getRedirectPath = (roleId: number): string => {
+    switch (roleId) {
+      case 0: // DEVELOPER
+      case 1: // SUPERADMIN
+      case 2: // ADMIN_DESA
+        return '/admin/landing-page/profil/program-inovasi';
+      case 3: // ADMIN_KESEHATAN
+        return '/admin/kesehatan/posyandu';
+      case 4: // ADMIN_PENDIDIKAN
+        return '/admin/pendidikan/info-sekolah/jenjang-pendidikan';
+      default:
+        return '/admin';
+    }
+  };
 
   if (loading) {
     return (
@@ -98,15 +524,38 @@ export default function Layout({ children }: { children: React.ReactNode }) {
     );
   }
 
-  // ✅ Ambil menu berdasarkan roleId
   const currentNav = authStore.user
     ? getNavbar({ roleId: authStore.user.roleId, menuIds: authStore.user.menuIds })
     : [];
 
-  const handleLogout = () => {
-    authStore.setUser(null);
-    document.cookie = `${process.env.BASE_SESSION_KEY}=; Max-Age=0; path=/;`;
-    router.push('/login');
+  const handleLogout = async () => {
+    try {
+      setIsLoggingOut(true);
+
+      const response = await fetch('/api/auth/logout', { 
+        method: 'POST',
+        credentials: 'include' // ✅ ADD credentials
+      });
+      const result = await response.json();
+
+      if (result.success) {
+        authStore.setUser(null);
+        localStorage.removeItem('auth_nomor');
+        localStorage.removeItem('auth_kodeId');
+        localStorage.removeItem('auth_username');
+        window.location.href = '/login';
+      } else {
+        console.error('Logout failed:', result.message);
+        authStore.setUser(null);
+        window.location.href = '/login';
+      }
+    } catch (error) {
+      console.error('Error during logout:', error);
+      authStore.setUser(null);
+      window.location.href = '/login';
+    } finally {
+      setIsLoggingOut(false);
+    }
   };
 
   return (
@@ -123,6 +572,7 @@ export default function Layout({ children }: { children: React.ReactNode }) {
       }}
       padding="md"
     >
+      {/* ... rest of your JSX (Header, Navbar, Main) sama seperti sebelumnya ... */}
       <AppShellHeader
         style={{
           background: "linear-gradient(90deg, #ffffff, #f9fbff)",
@@ -141,16 +591,9 @@ export default function Layout({ children }: { children: React.ReactNode }) {
               h={{ base: 32, sm: 40 }}
               radius="md"
               loading="lazy"
-              style={{
-                minWidth: '32px',
-                height: 'auto',
-              }}
+              style={{ minWidth: '32px', height: 'auto' }}
             />
-            <Text
-              fw={700}
-              c={colors["blue-button"]}
-              fz={{ base: 'md', sm: 'xl' }}
-            >
+            <Text fw={700} c={colors["blue-button"]} fz={{ base: 'md', sm: 'xl' }}>
               Admin Darmasaba
             </Text>
           </Flex>
@@ -158,61 +601,22 @@ export default function Layout({ children }: { children: React.ReactNode }) {
           <Group gap="xs">
             {!desktopOpened && (
               <Tooltip label="Buka Navigasi" position="bottom" withArrow>
-                <ActionIcon
-                  variant="light"
-                  radius="xl"
-                  size="lg"
-                  onClick={toggleDesktop}
-                  color={colors["blue-button"]}
-                >
+                <ActionIcon variant="light" radius="xl" size="lg" onClick={toggleDesktop} color={colors["blue-button"]}>
                   <IconChevronRight />
                 </ActionIcon>
               </Tooltip>
             )}
 
-            <Burger
-              opened={opened}
-              onClick={toggle}
-              hiddenFrom="sm"
-              size="md"
-              color={colors["blue-button"]}
-              mr="xs"
-            />
+            <Burger opened={opened} onClick={toggle} hiddenFrom="sm" size="md" color={colors["blue-button"]} mr="xs" />
 
             <Tooltip label="Kembali ke Website Desa" position="bottom" withArrow>
-              <ActionIcon
-                onClick={() => {
-                  router.push("/darmasaba");
-                }}
-                color={colors["blue-button"]}
-                radius="xl"
-                size="lg"
-                variant="gradient"
-                gradient={{ from: colors["blue-button"], to: "#228be6" }}
-              >
-                <Image
-                  src="/assets/images/darmasaba-icon.png"
-                  alt="Logo Darmasaba"
-                  w={20}
-                  h={20}
-                  radius="md"
-                  loading="lazy"
-                  style={{
-                    minWidth: '20px',
-                    height: 'auto',
-                  }}
-                />
+              <ActionIcon onClick={() => router.push("/darmasaba")} color={colors["blue-button"]} radius="xl" size="lg" variant="gradient" gradient={{ from: colors["blue-button"], to: "#228be6" }}>
+                <Image src="/assets/images/darmasaba-icon.png" alt="Logo Darmasaba" w={20} h={20} radius="md" loading="lazy" style={{ minWidth: '20px', height: 'auto' }} />
               </ActionIcon>
             </Tooltip>
+
             <Tooltip label="Keluar" position="bottom" withArrow>
-              <ActionIcon
-                onClick={handleLogout}
-                color={colors["blue-button"]}
-                radius="xl"
-                size="lg"
-                variant="gradient"
-                gradient={{ from: colors["blue-button"], to: "#228be6" }}
-              >
+              <ActionIcon onClick={handleLogout} color={colors["blue-button"]} radius="xl" size="lg" variant="gradient" gradient={{ from: colors["blue-button"], to: "#228be6" }} loading={isLoggingOut} disabled={isLoggingOut}>
                 <IconLogout2 size={22} />
               </ActionIcon>
             </Tooltip>
@@ -220,75 +624,17 @@ export default function Layout({ children }: { children: React.ReactNode }) {
         </Group>
       </AppShellHeader>
 
-      <AppShellNavbar
-        component={ScrollArea}
-        style={{
-          background: "#ffffff",
-          borderRight: `1px solid ${colors["blue-button"]}20`,
-        }}
-        p={{ base: 'xs', sm: 'sm' }}
-      >
+      <AppShellNavbar component={ScrollArea} style={{ background: "#ffffff", borderRight: `1px solid ${colors["blue-button"]}20` }} p={{ base: 'xs', sm: 'sm' }}>
+        {/* ... Navbar content sama seperti sebelumnya ... */}
         <AppShell.Section p="sm">
           {currentNav.map((v, k) => {
             const isParentActive = segments.includes(_.lowerCase(v.name));
-
             return (
-              <NavLink
-                key={k}
-                defaultOpened={isParentActive}
-                c={isParentActive ? colors["blue-button"] : "gray"}
-                label={
-                  <Text fw={isParentActive ? 600 : 400} fz="sm">
-                    {v.name}
-                  </Text>
-                }
-                style={{
-                  borderRadius: rem(10),
-                  marginBottom: rem(4),
-                  transition: "background 150ms ease",
-                }}
-                styles={{
-                  root: {
-                    '&:hover': {
-                      backgroundColor: 'rgba(25, 113, 194, 0.05)',
-                    },
-                  },
-                }}
-                variant="light"
-                active={isParentActive}
-              >
+              <NavLink key={k} defaultOpened={isParentActive} c={isParentActive ? colors["blue-button"] : "gray"} label={<Text fw={isParentActive ? 600 : 400} fz="sm">{v.name}</Text>} style={{ borderRadius: rem(10), marginBottom: rem(4), transition: "background 150ms ease" }} styles={{ root: { '&:hover': { backgroundColor: 'rgba(25, 113, 194, 0.05)' } } }} variant="light" active={isParentActive}>
                 {v.children.map((child, key) => {
-                  const isChildActive = segments.includes(
-                    _.lowerCase(child.name)
-                  );
-
+                  const isChildActive = segments.includes(_.lowerCase(child.name));
                   return (
-                    <NavLink
-                      key={key}
-                      href={child.path}
-                      c={isChildActive ? colors["blue-button"] : "gray"}
-                      label={
-                        <Text fw={isChildActive ? 600 : 400} fz="sm">
-                          {child.name}
-                        </Text>
-                      }
-                      styles={{
-                        root: {
-                          borderRadius: rem(8),
-                          marginBottom: rem(2),
-                          transition: 'background 150ms ease',
-                          padding: '6px 12px',
-                          '&:hover': {
-                            backgroundColor: isChildActive ? 'rgba(25, 113, 194, 0.15)' : 'rgba(25, 113, 194, 0.05)',
-                          },
-                          ...(isChildActive && {
-                            backgroundColor: 'rgba(25, 113, 194, 0.1)',
-                          }),
-                        },
-                      }}
-                      active={isChildActive}
-                      component={Link}
-                    />
+                    <NavLink key={key} href={child.path} c={isChildActive ? colors["blue-button"] : "gray"} label={<Text fw={isChildActive ? 600 : 400} fz="sm">{child.name}</Text>} styles={{ root: { borderRadius: rem(8), marginBottom: rem(2), transition: 'background 150ms ease', padding: '6px 12px', '&:hover': { backgroundColor: isChildActive ? 'rgba(25, 113, 194, 0.15)' : 'rgba(25, 113, 194, 0.05)' }, ...(isChildActive && { backgroundColor: 'rgba(25, 113, 194, 0.1)' }) } }} active={isChildActive} component={Link} />
                   );
                 })}
               </NavLink>
@@ -298,18 +644,8 @@ export default function Layout({ children }: { children: React.ReactNode }) {
 
         <AppShell.Section py="md">
           <Group justify="end" pr="sm">
-            <Tooltip
-              label={desktopOpened ? "Tutup Navigasi" : "Buka Navigasi"}
-              position="top"
-              withArrow
-            >
-              <ActionIcon
-                variant="light"
-                radius="xl"
-                size="lg"
-                onClick={toggleDesktop}
-                color={colors["blue-button"]}
-              >
+            <Tooltip label={desktopOpened ? "Tutup Navigasi" : "Buka Navigasi"} position="top" withArrow>
+              <ActionIcon variant="light" radius="xl" size="lg" onClick={toggleDesktop} color={colors["blue-button"]}>
                 <IconChevronLeft />
               </ActionIcon>
             </Tooltip>
@@ -317,14 +653,9 @@ export default function Layout({ children }: { children: React.ReactNode }) {
         </AppShell.Section>
       </AppShellNavbar>
 
-      <AppShellMain
-        style={{
-          background: "linear-gradient(180deg, #fdfdfd, #f6f9fc)",
-          minHeight: "100vh",
-        }}
-      >
+      <AppShellMain style={{ background: "linear-gradient(180deg, #fdfdfd, #f6f9fc)", minHeight: "100vh" }}>
         {children}
       </AppShellMain>
     </AppShell>
   );
-}
+}

src/app/api/[auth]/_lib/api_fetch_auth.ts

@@ -0,0 +1,144 @@
+/* eslint-disable @typescript-eslint/no-unused-vars */
+// app/api/_lib/api_fetch_auth.ts
+
+// app/api/_lib/api_fetch_auth.ts
+
+export const apiFetchLogin = async ({ nomor }: { nomor: string }) => {
+  if (!nomor || nomor.replace(/\D/g, '').length < 10) {
+    throw new Error('Nomor tidak valid');
+  }
+
+  const cleanPhone = nomor.replace(/\D/g, '');
+
+  const response = await fetch("/api/login", {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({ nomor: cleanPhone }),
+    credentials: 'include'
+  });
+
+  // Pastikan respons bisa di-parse sebagai JSON
+  let data;
+  try {
+    data = await response.json();
+  } catch (e) {
+    console.error("Non-JSON response from /api/login:", await response.text());
+    throw new Error('Respons server tidak valid');
+  }
+
+  if (!response.ok) {
+    throw new Error(data.message || 'Gagal memproses login');
+  }
+
+  // Validasi minimal respons
+  if (typeof data.success !== 'boolean' || typeof data.isRegistered !== 'boolean') {
+    throw new Error('Respons tidak sesuai format');
+  }
+
+  if (data.success) {
+    if (data.isRegistered && !data.kodeId) {
+      throw new Error('Kode verifikasi tidak ditemukan untuk user terdaftar');
+    }
+    return data; // { success, isRegistered, kodeId? }
+  } else {
+    throw new Error(data.message || 'Login gagal');
+  }
+};
+
+export const apiFetchRegister = async ({
+  username,
+  nomor,
+}: {
+  username: string;
+  nomor: string;
+}) => {
+  const cleanPhone = nomor.replace(/\D/g, '');
+  if (cleanPhone.length < 10) throw new Error('Nomor tidak valid');
+
+  const response = await fetch("/api/register", {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({ username: username.trim(), nomor: cleanPhone }),
+    credentials: 'include',
+  });
+
+  const data = await response.json();
+  if (!response.ok) throw new Error(data.message || 'Gagal mengirim OTP');
+
+  return data;
+};
+
+export const apiFetchOtpData = async ({ kodeId }: { kodeId: string }) => {
+  if (!kodeId) {
+    throw new Error('Kode ID tidak valid');
+  }
+
+  const response = await fetch("/api/otp-data", {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({ kodeId }),
+  });
+
+  const data = await response.json();
+
+  if (!response.ok) {
+    throw new Error(data.message || 'Gagal memuat data OTP');
+  }
+
+  return data;
+};
+
+// Ganti endpoint ke verify-otp-login
+export const apiFetchVerifyOtp = async ({ nomor, otp, kodeId }: { nomor: string; otp: string; kodeId: string }) => {
+  const response = await fetch('/api/verify-otp-login', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({ nomor, otp, kodeId }),
+  });
+  const data = await response.json();
+  return {
+    success: response.ok,
+    ...data,
+    status: response.status,
+  };
+};
+
+// Di dalam api_fetch_auth.ts
+
+export async function apiFetchUserMenuAccess(userId: string): Promise<{
+  success: boolean;
+  menuIds?: string[];
+  message?: string;
+}> {
+  try {
+    const res = await fetch(`/api/admin/user-menu-access/${userId}`, {
+      method: 'GET',
+      headers: { 'Content-Type': 'application/json' },
+    });
+
+    const data = await res.json();
+    return data;
+  } catch (error) {
+    console.error('API Fetch User Menu Access Error:', error);
+    return { success: false, message: 'Gagal memuat menu akses' };
+  }
+}
+
+export async function apiUpdateUserMenuAccess(
+  userId: string,
+  menuIds: string[]
+): Promise<{ success: boolean; message?: string }> {
+  try {
+    const res = await fetch('/api/admin/user-menu-access', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ userId, menuIds }),
+    });
+
+    const data = await res.json();
+    return data;
+  } catch (error) {
+    console.error('API Update User Menu Access Error:', error);
+    return { success: false, message: 'Gagal menyimpan menu akses' };
+  }
+}

src/app/api/[auth]/_lib/session_create.ts

@@ -1,4 +1,4 @@
-// app/api/auth/_lib/session_create.ts
+// src/app/api/auth/_lib/sessionCreate.ts
 import { cookies } from "next/headers";
 import { encrypt } from "./encrypt";
 import prisma from "@/lib/prisma";
@@ -9,11 +9,13 @@ export async function sessionCreate({
   exp = "30 day",
   jwtSecret,
   user,
+  invalidatePrevious = true, // 🔑 kontrol apakah sesi lama di-nonaktifkan
 }: {
   sessionKey: string;
   exp?: string;
   jwtSecret: string;
   user: Record<string, unknown> & { id: string };
+  invalidatePrevious?: boolean; // default true untuk login, false untuk registrasi
 }) {
   // ✅ Validasi env vars
   if (!sessionKey || sessionKey.length === 0) {
@@ -28,18 +30,19 @@ export async function sessionCreate({
     throw new Error("Token generation failed");
   }
 
-  // ✅ Hitung expiresAt sesuai exp
+  // ✅ Hitung expiresAt
   let expiresAt = add(new Date(), { days: 30 });
   if (exp === "7 day") expiresAt = add(new Date(), { days: 7 });
-  // tambahkan opsi lain jika perlu
 
-  // Sebelum create session baru, nonaktifkan session aktif sebelumnya
-  await prisma.userSession.updateMany({
-    where: { userId: user.id, active: true },
-    data: { active: false },
-  });
+  // 🔐 Hanya nonaktifkan sesi aktif sebelumnya jika diminta (misal: saat login ulang)
+  if (invalidatePrevious) {
+    await prisma.userSession.updateMany({
+      where: { userId: user.id, active: true },
+      data: { active: false },
+    });
+  }
 
-  // ✅ Simpan ke database
+  // ✅ Simpan sesi baru
   await prisma.userSession.create({
     data: {
       token,
@@ -55,8 +58,8 @@ export async function sessionCreate({
     sameSite: "lax",
     path: "/",
     secure: process.env.NODE_ENV === "production",
-    maxAge: 30 * 24 * 60 * 60, // seconds
+    maxAge: 30 * 24 * 60 * 60, // 30 hari dalam detik
   });
 
   return token;
-}
+}

src/app/api/[auth]/_lib/session_verify.ts

@@ -30,13 +30,7 @@ export async function verifySession() {
       return null;
     }
 
-    // ❌ Hanya tolak jika sessionInvalid = true
-    if (dbSession.user.sessionInvalid) {
-      console.log('⚠️ Session di-invalidate');
-      return null;
-    }
-
-    // ✅ Return user, meskipun isActive = false
+    // Don't check isActive here, let the frontend handle it
     return dbSession.user;
   } catch (error) {
     console.warn('Session verification failed:', error);

src/app/api/[auth]/clear-flow/route.ts

@@ -0,0 +1,19 @@
+// app/api/auth/clear-flow/route.ts
+import { NextResponse } from 'next/server';
+import { cookies } from 'next/headers';
+
+export async function POST() {
+  try {
+    // ✅ Next.js 15 syntax
+    const cookieStore = await cookies();
+    cookieStore.delete('auth_flow');
+    
+    return NextResponse.json({ success: true });
+  } catch (error) {
+    console.error('❌ Error clearing flow cookie:', error);
+    return NextResponse.json(
+      { success: false, message: 'Internal server error' },
+      { status: 500 }
+    );
+  }
+}

src/app/api/[auth]/finalize-registration/route.ts

@@ -0,0 +1,149 @@
+// src/app/api/auth/finalize-registration/route.ts
+import prisma from "@/lib/prisma";
+import { NextResponse } from "next/server";
+import { sessionCreate } from "../_lib/session_create";
+
+// ✅ Gunakan STRING untuk roleId
+const DEFAULT_MENUS_BY_ROLE: Record<string, string[]> = {
+  "0": [
+    "Landing Page", "PPID", "Desa", "Kesehatan", "Keamanan",
+    "Ekonomi", "Inovasi", "Lingkungan", "Pendidikan", "User & Role"
+  ],
+  "1": [
+    "Landing Page", "PPID", "Desa", "Keamanan",
+    "Ekonomi", "Inovasi", "Lingkungan", "User & Role"
+  ],
+  "2": ["Landing Page", "Desa", "Ekonomi", "Inovasi", "Lingkungan"],
+  "3": ["Kesehatan"],
+  "4": ["Pendidikan"],
+};
+
+export async function POST(req: Request) {
+  try {
+    const { nomor, username, kodeId } = await req.json();
+    const cleanNomor = nomor.replace(/\D/g, "");
+
+    if (!cleanNomor || !username || !kodeId) {
+      return NextResponse.json(
+        { success: false, message: "Data tidak lengkap" },
+        { status: 400 }
+      );
+    }
+
+    // Verify OTP
+    const otpRecord = await prisma.kodeOtp.findUnique({ 
+      where: { id: kodeId },
+      select: { nomor: true, isActive: true }
+    });
+
+    if (!otpRecord?.isActive || otpRecord.nomor !== cleanNomor) {
+      return NextResponse.json(
+        { success: false, message: "OTP tidak valid" },
+        { status: 400 }
+      );
+    }
+
+    // Check duplicate username
+    if (await prisma.user.findFirst({ where: { username } })) {
+      return NextResponse.json(
+        { success: false, message: "Username sudah digunakan" },
+        { status: 409 }
+      );
+    }
+
+    // Check duplicate nomor
+    if (await prisma.user.findUnique({ where: { nomor: cleanNomor } })) {
+      return NextResponse.json(
+        { success: false, message: "Nomor sudah terdaftar" },
+        { status: 409 }
+      );
+    }
+
+    // 🔥 Tentukan roleId sebagai STRING
+    const targetRoleId = "2"; // ✅ Default ADMIN_DESA (roleId "2")
+
+    // Validasi role exists
+    const roleExists = await prisma.role.findUnique({
+      where: { id: targetRoleId },
+      select: { id: true }
+    });
+
+    if (!roleExists) {
+      return NextResponse.json(
+        { success: false, message: "Role tidak valid" },
+        { status: 400 }
+      );
+    }
+
+    // ✅ Create user (inactive, waiting approval)
+    const newUser = await prisma.user.create({
+      data: {
+        username,
+        nomor: cleanNomor,
+        roleId: targetRoleId,
+        isActive: false, // Waiting for admin approval
+      },
+    });
+
+    // ✅ Berikan akses menu default based on role
+    const menuIds = DEFAULT_MENUS_BY_ROLE[targetRoleId] || [];
+    if (menuIds.length > 0) {
+      await prisma.userMenuAccess.createMany({
+        data: menuIds.map(menuId => ({
+          userId: newUser.id,
+          menuId,
+        })),
+        skipDuplicates: true, // ✅ Avoid duplicate errors
+      });
+    }
+
+    // ✅ Mark OTP as used
+    await prisma.kodeOtp.update({
+      where: { id: kodeId },
+      data: { isActive: false },
+    });
+
+    // ✅ Create session token
+    const token = await sessionCreate({
+      sessionKey: process.env.BASE_SESSION_KEY!,
+      jwtSecret: process.env.BASE_TOKEN_KEY!,
+      exp: "30 day",
+      user: {
+        id: newUser.id,
+        nomor: newUser.nomor,
+        username: newUser.username,
+        roleId: newUser.roleId,
+        isActive: false, // User belum aktif
+      },
+      invalidatePrevious: false,
+    });
+
+    // ✅ PENTING: Return JSON response (bukan redirect)
+    const response = NextResponse.json({
+      success: true,
+      message: "Registrasi berhasil. Menunggu persetujuan admin.",
+      userId: newUser.id,
+    });
+
+    // ✅ Set session cookie
+    const cookieName = process.env.BASE_SESSION_KEY || 'session';
+    response.cookies.set(cookieName, token, {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === "production",
+      sameSite: 'lax',
+      path: "/",
+      maxAge: 30 * 24 * 60 * 60, // 30 days
+    });
+
+    return response;
+
+  } catch (error) {
+    console.error("❌ Finalize Registration Error:", error);
+    return NextResponse.json(
+      { success: false, message: "Registrasi gagal. Silakan coba lagi." },
+      { status: 500 }
+    );
+  } finally {
+    await prisma.$disconnect();
+  }
+}

src/app/api/[auth]/get-flow/route.ts

@@ -0,0 +1,22 @@
+// app/api/auth/get-flow/route.ts
+import { NextResponse } from 'next/server';
+import { cookies } from 'next/headers';
+
+export async function GET() {
+  try {
+    // ✅ Next.js 15 syntax
+    const cookieStore = await cookies();
+    const flow = cookieStore.get('auth_flow')?.value || 'login';
+    
+    return NextResponse.json({ 
+      success: true, 
+      flow 
+    });
+  } catch (error) {
+    console.error('❌ Error getting flow cookie:', error);
+    return NextResponse.json(
+      { success: false, flow: 'login' },
+      { status: 500 }
+    );
+  }
+}

src/app/api/[auth]/login/route.ts

@@ -2,6 +2,7 @@
 import prisma from "@/lib/prisma";
 import { NextResponse } from "next/server";
 import { randomOTP } from "../_lib/randomOTP";
+import { cookies } from "next/headers";
 
 export async function POST(req: Request) {
   if (req.method !== "POST") {
@@ -29,19 +30,37 @@ export async function POST(req: Request) {
     const isRegistered = !!existingUser;
 
     if (isRegistered) {
-      // ✅ User terdaftar → kirim OTP
       const codeOtp = randomOTP();
       const otpNumber = Number(codeOtp);
 
-      const waMessage = `Website Desa Darmasaba - Kode verifikasi Anda: ${codeOtp}`;
-      const waUrl = `https://wa.wibudev.com/code?nom=${encodeURIComponent(nomor)}&text=${encodeURIComponent(waMessage)}`;
+      // ✅ PERBAIKAN: Gunakan format pesan yang lebih sederhana
+      // Hapus karakter khusus yang bisa bikin masalah
+      const waMessage = `Website Desa Darmasaba\nKode verifikasi Anda ${codeOtp}`;
+      
+      // // ✅ OPSI 1: Tanpa encoding (coba dulu ini)
+      // const waUrl = `https://wa.wibudev.com/code?nom=${nomor}&text=${waMessage}`;
+      
+      // ✅ OPSI 2: Dengan encoding (kalau opsi 1 gagal)
+      const waUrl = `https://wa.wibudev.com/code?nom=${nomor}&text=${encodeURIComponent(waMessage)}`;
+      
+      // ✅ OPSI 3: Encoding manual untuk URL-safe (alternatif terakhir)
+      // const encodedMessage = waMessage.replace(/\n/g, '%0A').replace(/ /g, '%20');
+      // const waUrl = `https://wa.wibudev.com/code?nom=${nomor}&text=${encodedMessage}`;
 
+      console.log("🔍 Debug WA URL:", waUrl); // Untuk debugging
+      
       const res = await fetch(waUrl);
       const sendWa = await res.json();
 
+      console.log("📱 WA Response:", sendWa); // Debug response
+
       if (sendWa.status !== "success") {
         return NextResponse.json(
-          { success: false, message: "Gagal mengirim OTP via WhatsApp" },
+          { 
+            success: false, 
+            message: "Gagal mengirim OTP via WhatsApp",
+            debug: sendWa // Tampilkan error detail
+          },
           { status: 400 }
         );
       }
@@ -50,6 +69,15 @@ export async function POST(req: Request) {
         data: { nomor, otp: otpNumber, isActive: true },
       });
 
+      const cookieStore = await cookies();
+      cookieStore.set('auth_flow', 'login', {
+        httpOnly: true,
+        secure: process.env.NODE_ENV === 'production',
+        sameSite: 'lax',
+        maxAge: 60 * 5, // 5 menit
+        path: '/'
+      });
+
       return NextResponse.json({
         success: true,
         message: "Kode verifikasi dikirim",
@@ -57,16 +85,14 @@ export async function POST(req: Request) {
         isRegistered: true,
       });
     } else {
-      // ❌ User belum terdaftar → JANGAN kirim OTP
       return NextResponse.json({
         success: true,
         message: "Nomor belum terdaftar",
         isRegistered: false,
-        // Tidak ada kodeId
       });
     }
   } catch (error) {
-    console.error("Error Login:", error);
+    console.error("❌ Error Login:", error);
     return NextResponse.json(
       { success: false, message: "Terjadi kesalahan saat login" },
       { status: 500 }

src/app/api/[auth]/me/route.ts

@@ -0,0 +1,59 @@
+// src/app/api/auth/me/route.ts
+import { NextResponse } from 'next/server';
+import { verifySession } from '../_lib/session_verify';
+import prisma from '@/lib/prisma';
+
+export async function GET() {
+  try {
+    const sessionUser = await verifySession();
+    if (!sessionUser) {
+      return NextResponse.json(
+        { success: false, message: "Unauthorized", user: null },
+        { status: 401 }
+      );
+    }
+
+    const [dbUser, menuAccess] = await Promise.all([
+      prisma.user.findUnique({
+        where: { id: sessionUser.id },
+        select: {
+          id: true,
+          username: true,
+          nomor: true,
+          roleId: true,   // STRING!
+          isActive: true, // BOOLEAN!
+        },
+      }),
+      prisma.userMenuAccess.findMany({
+        where: { userId: sessionUser.id },
+        select: { menuId: true },
+      }),
+    ]);
+
+    if (!dbUser) {
+      return NextResponse.json(
+        { success: false, message: "User not found", user: null },
+        { status: 404 }
+      );
+    }
+
+    return NextResponse.json({
+      success: true,
+      user: {
+        id: dbUser.id,
+        name: dbUser.username,
+        username: dbUser.username,
+        nomor: dbUser.nomor,
+        roleId: dbUser.roleId,     // STRING!
+        isActive: dbUser.isActive, // BOOLEAN!
+        menuIds: menuAccess.map(m => m.menuId),
+      },
+    });
+  } catch (error) {
+    console.error("❌ Error in /api/me:", error);
+    return NextResponse.json(
+      { success: false, message: "Internal server error", user: null },
+      { status: 500 }
+    );
+  }
+}

src/app/api/[auth]/refresh-session/route.ts

@@ -0,0 +1,55 @@
+import { NextResponse } from 'next/server';
+import { verifySession } from '../_lib/session_verify';
+import { sessionCreate } from '../_lib/session_create';
+import prisma from '@/lib/prisma';
+
+export async function POST() {
+  try {
+    const sessionUser = await verifySession();
+    if (!sessionUser) {
+      return NextResponse.json(
+        { success: false, message: "Unauthorized" },
+        { status: 401 }
+      );
+    }
+
+    // Get fresh user data
+    const user = await prisma.user.findUnique({
+      where: { id: sessionUser.id },
+      select: {
+        id: true,
+        username: true,
+        roleId: true,
+        isActive: true,
+      },
+    });
+
+    if (!user) {
+      return NextResponse.json(
+        { success: false, message: "User not found" },
+        { status: 404 }
+      );
+    }
+
+    // Create new session with updated data
+    await sessionCreate({
+      sessionKey: process.env.BASE_SESSION_KEY!,
+      jwtSecret: process.env.BASE_TOKEN_KEY!,
+      user: {
+        id: user.id,
+        username: user.username,
+        roleId: user.roleId,
+        isActive: user.isActive,
+      },
+      invalidatePrevious: false, // Keep existing sessions
+    });
+
+    return NextResponse.json({ success: true });
+  } catch (error) {
+    console.error('Error refreshing session:', error);
+    return NextResponse.json(
+      { success: false, message: "Internal server error" },
+      { status: 500 }
+    );
+  }
+}

src/app/api/[auth]/register/route.ts

@@ -1,6 +1,7 @@
 import { NextResponse } from 'next/server';
+import { cookies } from 'next/headers';
 import prisma from '@/lib/prisma';
-import { randomOTP } from '../_lib/randomOTP'; // pastikan ada
+import { randomOTP } from '../_lib/randomOTP';
 
 export async function POST(req: Request) {
   try {
@@ -36,7 +37,17 @@ export async function POST(req: Request) {
       data: { nomor, otp: otpNumber, isActive: true }
     });
 
-    // ✅ Kembalikan kodeId (jangan buat user di sini!)
+    // ✅ Set cookie flow=register (Next.js 15+ syntax)
+    const cookieStore = await cookies();
+    cookieStore.set('auth_flow', 'register', {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === 'production',
+      sameSite: 'lax',
+      maxAge: 60 * 5, // 5 menit
+      path: '/'
+    });
+
+    // ✅ Kembalikan kodeId
     return NextResponse.json({
       success: true,
       message: 'Kode verifikasi dikirim',

src/app/api/[auth]/set-flow/route.ts

@@ -0,0 +1,34 @@
+// app/api/auth/set-flow/route.ts
+import { NextResponse } from 'next/server';
+import { cookies } from 'next/headers';
+
+export async function POST(request: Request) {
+  try {
+    const { flow } = await request.json();
+    
+    if (!flow || !['login', 'register'].includes(flow)) {
+      return NextResponse.json(
+        { success: false, message: 'Invalid flow parameter' },
+        { status: 400 }
+      );
+    }
+    
+    // ✅ Next.js 15 syntax
+    const cookieStore = await cookies();
+    cookieStore.set('auth_flow', flow, {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === 'production',
+      sameSite: 'lax',
+      maxAge: 60 * 5,
+      path: '/'
+    });
+    
+    return NextResponse.json({ success: true });
+  } catch (error) {
+    console.error('❌ Error setting flow cookie:', error);
+    return NextResponse.json(
+      { success: false, message: 'Internal server error' },
+      { status: 500 }
+    );
+  }
+}

src/app/api/auth/_lib/api_fetch_auth.ts

@@ -14,6 +14,7 @@ export const apiFetchLogin = async ({ nomor }: { nomor: string }) => {
     method: "POST",
     headers: { "Content-Type": "application/json" },
     body: JSON.stringify({ nomor: cleanPhone }),
+    credentials: 'include'
   });
 
   // Pastikan respons bisa di-parse sebagai JSON
@@ -58,6 +59,7 @@ export const apiFetchRegister = async ({
     method: "POST",
     headers: { "Content-Type": "application/json" },
     body: JSON.stringify({ username: username.trim(), nomor: cleanPhone }),
+    credentials: 'include',
   });
 
   const data = await response.json();

src/app/api/auth/finalize-registration/route.ts

@@ -1,13 +1,27 @@
 // src/app/api/auth/finalize-registration/route.ts
-
 import prisma from "@/lib/prisma";
 import { NextResponse } from "next/server";
-import { sessionCreate } from "../_lib/session_create";
+import { sessionCreate } from "../../[auth]/_lib/session_create";
+
+
+// ✅ Gunakan STRING untuk roleId
+const DEFAULT_MENUS_BY_ROLE: Record<string, string[]> = {
+  "0": [
+    "Landing Page", "PPID", "Desa", "Kesehatan", "Keamanan",
+    "Ekonomi", "Inovasi", "Lingkungan", "Pendidikan", "User & Role"
+  ],
+  "1": [
+    "Landing Page", "PPID", "Desa", "Keamanan",
+    "Ekonomi", "Inovasi", "Lingkungan", "User & Role"
+  ],
+  "2": ["Landing Page", "Desa", "Ekonomi", "Inovasi", "Lingkungan"],
+  "3": ["Kesehatan"],
+  "4": ["Pendidikan"],
+};
 
 export async function POST(req: Request) {
   try {
     const { nomor, username, kodeId } = await req.json();
-
     const cleanNomor = nomor.replace(/\D/g, "");
 
     if (!cleanNomor || !username || !kodeId) {
@@ -17,13 +31,12 @@ export async function POST(req: Request) {
       );
     }
 
-    // Di awal fungsi POST
-    console.log("📦 Received payload:", { nomor, username, kodeId });
-
-    // Validasi OTP
-    const otpRecord = await prisma.kodeOtp.findUnique({
+    // Verify OTP
+    const otpRecord = await prisma.kodeOtp.findUnique({ 
       where: { id: kodeId },
+      select: { nomor: true, isActive: true }
     });
+
     if (!otpRecord?.isActive || otpRecord.nomor !== cleanNomor) {
       return NextResponse.json(
         { success: false, message: "OTP tidak valid" },
@@ -31,7 +44,7 @@ export async function POST(req: Request) {
       );
     }
 
-    // Cek duplikat username
+    // Check duplicate username
     if (await prisma.user.findFirst({ where: { username } })) {
       return NextResponse.json(
         { success: false, message: "Username sudah digunakan" },
@@ -39,36 +52,59 @@ export async function POST(req: Request) {
       );
     }
 
-    // ✅ Gunakan username dari input user
-    const defaultRole = await prisma.role.findFirst({
-      where: { name: "ADMIN DESA" },
-      select: { id: true },
-    });
-
-    if (!defaultRole) {
+    // Check duplicate nomor
+    if (await prisma.user.findUnique({ where: { nomor: cleanNomor } })) {
       return NextResponse.json(
-        { success: false, message: "Role default tidak ditemukan" },
-        { status: 500 }
+        { success: false, message: "Nomor sudah terdaftar" },
+        { status: 409 }
       );
     }
 
-    // ✅ Buat user dengan username yang diinput
+    // 🔥 Tentukan roleId sebagai STRING
+    const targetRoleId = "2"; // ✅ Default ADMIN_DESA (roleId "2")
+
+    // Validasi role exists
+    const roleExists = await prisma.role.findUnique({
+      where: { id: targetRoleId },
+      select: { id: true }
+    });
+
+    if (!roleExists) {
+      return NextResponse.json(
+        { success: false, message: "Role tidak valid" },
+        { status: 400 }
+      );
+    }
+
+    // ✅ Create user (inactive, waiting approval)
     const newUser = await prisma.user.create({
       data: {
-        username, // ✅ Ini yang benar
-        nomor,
-        roleId: defaultRole.id,
-        isActive: false,
+        username,
+        nomor: cleanNomor,
+        roleId: targetRoleId,
+        isActive: false, // Waiting for admin approval
       },
     });
 
-    // Nonaktifkan OTP
+    // ✅ Berikan akses menu default based on role
+    const menuIds = DEFAULT_MENUS_BY_ROLE[targetRoleId] || [];
+    if (menuIds.length > 0) {
+      await prisma.userMenuAccess.createMany({
+        data: menuIds.map(menuId => ({
+          userId: newUser.id,
+          menuId,
+        })),
+        skipDuplicates: true, // ✅ Avoid duplicate errors
+      });
+    }
+
+    // ✅ Mark OTP as used
     await prisma.kodeOtp.update({
       where: { id: kodeId },
       data: { isActive: false },
     });
 
-    // ✅ BUAT SESI untuk user baru (meski isActive = false)
+    // ✅ Create session token
     const token = await sessionCreate({
       sessionKey: process.env.BASE_SESSION_KEY!,
       jwtSecret: process.env.BASE_TOKEN_KEY!,
@@ -76,39 +112,39 @@ export async function POST(req: Request) {
       user: {
         id: newUser.id,
         nomor: newUser.nomor,
-        username: newUser.username, // ✅ Pastikan sesuai
+        username: newUser.username,
         roleId: newUser.roleId,
-        isActive: false,
+        isActive: false, // User belum aktif
       },
+      invalidatePrevious: false,
     });
 
-    // Set cookie
+    // ✅ PENTING: Return JSON response (bukan redirect)
     const response = NextResponse.json({
       success: true,
       message: "Registrasi berhasil. Menunggu persetujuan admin.",
-      user: {
-        id: newUser.id,
-        name: newUser.username,
-        roleId: newUser.roleId,
-        isActive: false,
-      },
+      userId: newUser.id,
     });
 
-    response.cookies.set(process.env.BASE_SESSION_KEY!, token, {
+    // ✅ Set session cookie
+    const cookieName = process.env.BASE_SESSION_KEY || 'session';
+    response.cookies.set(cookieName, token, {
       httpOnly: true,
       secure: process.env.NODE_ENV === "production",
+      sameSite: 'lax',
       path: "/",
-      maxAge: 30 * 24 * 60 * 60,
+      maxAge: 30 * 24 * 60 * 60, // 30 days
     });
 
     return response;
+
   } catch (error) {
     console.error("❌ Finalize Registration Error:", error);
     return NextResponse.json(
-      { success: false, message: "Registrasi gagal" },
+      { success: false, message: "Registrasi gagal. Silakan coba lagi." },
       { status: 500 }
     );
   } finally {
     await prisma.$disconnect();
   }
-}
+}

src/app/darmasaba/(pages)/ppid/indeks-kepuasan-masyarakat/page.tsx

@@ -41,7 +41,7 @@ const state = useProxy(indeksKepuasanState.responden);
     indeksKepuasanState.jenisKelaminResponden.findMany.load()
     indeksKepuasanState.pilihanRatingResponden.findMany.load()
     indeksKepuasanState.kelompokUmurResponden.findMany.load()
-  })
+  },[])
 
   const handleSubmit = async () => {
     try {

src/app/darmasaba/_com/main-page/kepuasan/index.tsx

@@ -41,7 +41,7 @@ function Kepuasan() {
     indeksKepuasanState.jenisKelaminResponden.findMany.load()
     indeksKepuasanState.pilihanRatingResponden.findMany.load()
     indeksKepuasanState.kelompokUmurResponden.findMany.load()
-  })
+  },[])
 
   const handleSubmit = async () => {
     try {

src/app/darmasaba/_com/main-page/landing-page/index.tsx

@@ -59,6 +59,35 @@ const getWorkStatus = (day: string, currentTime: string): { status: string; mess
     : { status: "Tutup", message: "08:00 - 17:00" };
 };
 
+// Skeleton component untuk Social Media
+const SosmedSkeleton = () => (
+  <Flex gap="md" justify="center" wrap="wrap">
+    {[1, 2, 3, 4].map((i) => (
+      <Skeleton key={i} height={56} width={56} circle />
+    ))}
+  </Flex>
+);
+
+// Skeleton component untuk Profile
+const ProfileSkeleton = () => (
+  <Card
+    radius="xl"
+    bg={colors.grey[1]}
+    p="lg"
+    shadow="xl"
+    w={{ base: "100%", md: "35%" }}
+    style={{ height: "fit-content" }}
+  >
+    <Stack gap="lg" align="center">
+      <Skeleton height={300} width="100%" radius="lg" />
+      <Stack gap="xs" w="100%" align="center">
+        <Skeleton height={20} width="60%" />
+        <Skeleton height={32} width="80%" />
+      </Stack>
+    </Stack>
+  </Card>
+);
+
 function LandingPage() {
   const [socialMedia, setSocialMedia] = useState<
     Prisma.MediaSosialGetPayload<{ include: { image: true } }>[]
@@ -66,9 +95,8 @@ function LandingPage() {
   const [profile, setProfile] = useState<
     Prisma.PejabatDesaGetPayload<{ include: { image: true } }> | null
   >(null);
-  const [isLoading, setIsLoading] = useState(true);
-
-  
+  const [isLoadingSosmed, setIsLoadingSosmed] = useState(true);
+  const [isLoadingProfile, setIsLoadingProfile] = useState(true);
 
   useEffect(() => {
     const fetchSocialMedia = async () => {
@@ -86,7 +114,7 @@ function LandingPage() {
       } catch {
         setSocialMedia([]);
       } finally {
-        setIsLoading(false);
+        setIsLoadingSosmed(false);
       }
     };
 
@@ -98,6 +126,8 @@ function LandingPage() {
         setProfile(result.data || null);
       } catch {
         setProfile(null);
+      } finally {
+        setIsLoadingProfile(false);
       }
     };
 
@@ -189,8 +219,8 @@ function LandingPage() {
 
               <ModuleView />
 
-              {isLoading ? (
-                <Skeleton height={32} width="100%" />
+              {isLoadingSosmed ? (
+                <SosmedSkeleton />
               ) : socialMedia.length > 0 ? (
                 <SosmedView data={socialMedia} />
               ) : (
@@ -207,19 +237,27 @@ function LandingPage() {
           </Card>
         </Stack>
 
-        {isLoading ? (
-          <Skeleton height={300} width="100%" radius="lg" />
+        {isLoadingProfile ? (
+          <ProfileSkeleton />
         ) : profile ? (
           <ProfileView data={profile} />
         ) : (
-          <Center w="100%">
-            <Text c="dimmed">Informasi profil belum tersedia</Text>
-          </Center>
+          <Card
+            radius="xl"
+            bg={colors.grey[1]}
+            p="lg"
+            shadow="xl"
+            w={{ base: "100%", md: "35%" }}
+            style={{ height: "fit-content" }}
+          >
+            <Center h={300}>
+              <Text c="dimmed">Informasi profil belum tersedia</Text>
+            </Center>
+          </Card>
         )}
       </Flex>
-      
     </Stack>
   );
 }
 
-export default LandingPage;
+export default LandingPage;

src/app/darmasaba/page.tsx

@@ -1,3 +1,4 @@
+/* eslint-disable react-hooks/exhaustive-deps */
 'use client'
 import DesaAntiKorupsi from "@/app/darmasaba/_com/main-page/desaantikorupsi";
 import Kepuasan from "@/app/darmasaba/_com/main-page/kepuasan";
@@ -13,32 +14,34 @@ import Apbdes from "./_com/main-page/apbdes";
 import Prestasi from "./_com/main-page/prestasi";
 import ScrollToTopButton from "./_com/scrollToTopButton";
 
-import NewsReaderLanding from "./_com/NewsReaderalanding";
-import ModernNewsNotification from "./_com/ModernNeewsNotification";
-import { useMemo } from "react";
-import { useProxy } from "valtio/utils";
+import { useEffect, useMemo } from "react";
+import { useSnapshot } from "valtio";
 import stateDashboardBerita from "../admin/(dashboard)/_state/desa/berita";
 import stateDesaPengumuman from "../admin/(dashboard)/_state/desa/pengumuman";
-import { useEffect } from "react";
+import ModernNewsNotification from "./_com/ModernNeewsNotification";
+import NewsReaderLanding from "./_com/NewsReaderalanding";
 
 
 export default function Page() {
-  const featured = useProxy(stateDashboardBerita.berita.findFirst);
+  const snap1 = useSnapshot(stateDashboardBerita.berita.findFirst);
+  const snap2 = useSnapshot(stateDesaPengumuman.pengumuman.findFirst);
+
+  const featured = snap1;
+  const pengumuman = snap2;
   const loadingFeatured = featured.loading;
-  const pengumuman = useProxy(stateDesaPengumuman.pengumuman.findFirst);
   const loadingPengumuman = pengumuman.loading;
 
   useEffect(() => {
     if (!featured.data && !loadingFeatured) {
       stateDashboardBerita.berita.findFirst.load();
     }
-  }, [featured.data, loadingFeatured]);
+  }, []);
 
   useEffect(() => {
     if (!pengumuman.data && !loadingPengumuman) {
       stateDesaPengumuman.pengumuman.findFirst.load();
     }
-  }, [pengumuman.data, loadingPengumuman]);
+  }, []);
 
 
   const newsData = useMemo(() => {

src/app/waiting-room/page.tsx

@@ -2,14 +2,24 @@
 'use client';
 
 import colors from '@/con/colors';
-import { Center, Loader, Paper, Stack, Text, Title } from '@mantine/core';
+import {
+  Button,
+  Center,
+  Loader,
+  Paper,
+  Stack,
+  Text,
+  Title,
+} from '@mantine/core';
 import { useRouter } from 'next/navigation';
 import { useEffect, useState } from 'react';
+import { authStore } from '@/store/authStore'; // ✅ integrasi authStore
 
 async function fetchUser() {
-  const res = await fetch('/api/auth/me');
+  const res = await fetch('/api/auth/me', {
+    credentials: 'include'
+  });
   if (!res.ok) {
-    // Jangan throw error — biarkan handle status code
     const text = await res.text();
     throw new Error(`HTTP ${res.status}: ${text}`);
   }
@@ -21,10 +31,15 @@ export default function WaitingRoom() {
   const [user, setUser] = useState<any>(null);
   const [error, setError] = useState<string | null>(null);
   const [isRedirecting, setIsRedirecting] = useState(false);
+  const [retryCount, setRetryCount] = useState(0);
+  const MAX_RETRIES = 2;
+
 
   useEffect(() => {
     let isMounted = true;
-    const interval = setInterval(async () => {
+    let interval: ReturnType<typeof setInterval>;
+
+    const poll = async () => {
       if (isRedirecting || !isMounted) return;
 
       try {
@@ -34,63 +49,110 @@ export default function WaitingRoom() {
         const currentUser = data.user;
         setUser(currentUser);
 
-        // ✅ Periksa isActive dan redirect
+        // ✅ Update authStore
+        if (currentUser) {
+          authStore.setUser({
+            id: currentUser.id,
+            name: currentUser.name,
+            roleId: Number(currentUser.roleId),
+            menuIds: currentUser.menuIds || null,
+          });
+        }
+
+        // In the poll function
         if (currentUser?.isActive === true) {
           setIsRedirecting(true);
           clearInterval(interval);
 
-          // ✅ roleId adalah STRING → gunakan string literal
-          let redirectPath = '/admin';
+          // Update authStore with the current user data
+          authStore.setUser({
+            id: currentUser.id,
+            name: currentUser.name || 'User',
+            roleId: Number(currentUser.roleId),
+            menuIds: currentUser.menuIds || null,
+            isActive: true
+          });
 
-          switch (currentUser.roleId) {
-            case "0": // DEVELOPER
-            case "1": // SUPERADMIN
-            case "2": // ADMIN_DESA
-              redirectPath = '/admin/landing-page/profil/program-inovasi';
-              break;
-            case "3": // ADMIN_KESEHATAN
-              redirectPath = '/admin/kesehatan/posyandu';
-              break;
-            case "4": // ADMIN_PENDIDIKAN
-              redirectPath = '/admin/pendidikan/info-sekolah/jenjang-pendidikan';
-              break;
+          // Clean up storage
+          localStorage.removeItem('auth_kodeId');
+          localStorage.removeItem('auth_nomor');
+          localStorage.removeItem('auth_username');
+
+          // Force a session refresh
+          try {
+            const res = await fetch('/api/refresh-session', {
+              method: 'POST',
+              credentials: 'include'
+            });
+
+            if (res.ok) {
+              // Redirect based on role
+              let redirectPath = '/admin';
+              switch (String(currentUser.roleId)) {
+                case "0": case "1": case "2":
+                  redirectPath = '/admin/landing-page/profil/program-inovasi';
+                  break;
+                case "3":
+                  redirectPath = '/admin/kesehatan/posyandu';
+                  break;
+                case "4":
+                  redirectPath = '/admin/pendidikan/info-sekolah/jenjang-pendidikan';
+                  break;
+              }
+              window.location.href = redirectPath; // Use window.location to force full page reload
+            }
+          } catch (error) {
+            console.error('Error refreshing session:', error);
+            router.refresh(); // Fallback to client-side refresh
           }
-
-          setTimeout(() => router.push(redirectPath), 500);
         }
       } catch (err: any) {
         if (!isMounted) return;
 
-        // ❌ Hanya redirect ke /login jika benar-benar tidak ada sesi
         if (err.message.includes('401')) {
-          setError('Sesi tidak valid');
-          clearInterval(interval);
-          router.push('/login');
+          if (retryCount < MAX_RETRIES) {
+            setRetryCount((prev) => prev + 1);
+            setTimeout(() => {
+              if (isMounted) interval = setInterval(poll, 3000);
+            }, 800);
+          } else {
+            setError('Sesi tidak valid. Silakan login ulang.');
+            clearInterval(interval);
+            authStore.setUser(null); // ✅ clear sesi
+          }
         } else {
           console.error('Error polling:', err);
         }
       }
-    }, 3000);
+    };
 
+    interval = setInterval(poll, 3000);
     return () => {
       isMounted = false;
-      clearInterval(interval);
+      if (interval) clearInterval(interval);
     };
-  }, [router, isRedirecting]);
+  }, [router, isRedirecting, retryCount]);
 
+  // ✅ UI Error
   if (error) {
     return (
       <Center h="100vh">
         <Paper p="xl" radius="md" bg={colors['white-trans-1']} w={400}>
           <Stack align="center" gap="md">
-            <Title order={3} c="red">Error</Title>
+            <Title order={3} c="red">
+              Sesi Tidak Valid
+            </Title>
             <Text>{error}</Text>
+            <Button onClick={() => router.push('/login')}>
+              Login Ulang
+            </Button>
           </Stack>
         </Paper>
       </Center>
     );
   }
 
+  // ✅ UI Redirecting
   if (isRedirecting) {
     return (
       <Center h="100vh" bg={colors.Bg}>
@@ -109,6 +171,7 @@ export default function WaitingRoom() {
     );
   }
 
+  // ✅ UI Default (MENUNGGU) — INI YANG KAMU HILANGKAN!
   return (
     <Center h="100vh" bg={colors.Bg}>
       <Paper p="xl" radius="md" bg={colors['white-trans-1']} w={{ base: '90%', sm: 400 }}>

src/store/authStore.ts

@@ -6,6 +6,7 @@ export type User = {
   name: string;
   roleId: number;
   menuIds?: string[] | null; // ✅ Pastikan pakai `string[]`
+  isActive?: boolean;
 };
 
 export const authStore = proxy<{