From 40a77277f5ed648d0a78e8974dc012f49cc5ec6c Mon Sep 17 00:00:00 2001
From: Bagasbanuna02
Date: Mon, 16 Jun 2025 11:12:51 +0800
Subject: [PATCH] fix middleware and login logout
---
 .../comp_button_user_circle.tsx            |  2 +-
 src/app_modules/auth/invalid_user/view.tsx |  2 +-
 src/app_modules/auth/logout/view.tsx       |  2 +-
 src/middleware.ts                          | 56 ++++++++++++++++++-
 4 files changed, 58 insertions(+), 4 deletions(-)
diff --git a/src/app_modules/admin/_components_v3/comp_button_user_circle.tsx b/src/app_modules/admin/_components_v3/comp_button_user_circle.tsx
index a3131416..765a1f35 100644
--- a/src/app_modules/admin/_components_v3/comp_button_user_circle.tsx
+++ b/src/app_modules/admin/_components_v3/comp_button_user_circle.tsx
@@ -138,7 +138,7 @@ export function Admin_V3_ComponentButtonUserCircle({
       if (response && response.success) {
         ComponentGlobal_NotifikasiBerhasil(response.message);
-        router.replace("/", { scroll: false });
+        router.replace("/login", { scroll: false });
       }
     } catch (error) {
       console.error(error);
diff --git a/src/app_modules/auth/invalid_user/view.tsx b/src/app_modules/auth/invalid_user/view.tsx
index 8ee76bd8..015fcc3b 100644
--- a/src/app_modules/auth/invalid_user/view.tsx
+++ b/src/app_modules/auth/invalid_user/view.tsx
@@ -20,7 +20,7 @@ export default function InvalidUser() {
       await fetch("/api/auth/logout", {
         method: "GET",
       });
-      router.push("/", { scroll: false });
+      router.replace("/login", { scroll: false });
       setIsLoading(false);
     } catch (error) {
       setIsLoading(false);
diff --git a/src/app_modules/auth/logout/view.tsx b/src/app_modules/auth/logout/view.tsx
index 9d091b17..774d02df 100644
--- a/src/app_modules/auth/logout/view.tsx
+++ b/src/app_modules/auth/logout/view.tsx
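Review bot: In the `InvalidUser` hunk the redirect to `/login` now runs no matter what `/api/auth/logout` returned — the `fetch` result is discarded, unlike the sibling hunks that gate on `response.success` — so a failed logout still lands the user on the login page with the session cookie presumably intact. Logout is also issued with `method: "GET"`, which is cacheable and can be triggered cross-site by a plain link or image; if the route accepts it, prefer `const res = await fetch("/api/auth/logout", { method: "POST" });` followed by `if (!res.ok) throw new Error("logout failed");` so the catch branch handles the failure. The enclosing click handler starts before and ends after this hunk.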
@@ -22,7 +22,7 @@ export default function Component_ButtonLogout({ userId }: { userId: string }) {
       if (response && response.success) {
         ComponentGlobal_NotifikasiBerhasil(response.message);
-        router.replace("/", { scroll: false });
+        router.replace("/login", { scroll: false });
       }
     } catch (error) {
       console.error(error);
diff --git a/src/middleware.ts b/src/middleware.ts
index ec0e424b..e96e9af7 100644
--- a/src/middleware.ts
+++ b/src/middleware.ts
@@ -71,6 +71,7 @@ export const middleware = async (req: NextRequest) => {
   // Get token from cookie or Authorization header
   const token = getToken(req, sessionKey);
   const user = await verifyToken({ token, encodedKey });
+  // console.log("user >>", user);
   // Handle login page access
   if (pathname === loginPath) {
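Review bot: The `+  // console.log("user >>", user);` added to `middleware` is commented-out debug output of the decoded token payload; if anyone re-enables it, the session claims of every request are written to the server log, and a commented-out toggle invites exactly that. Remove the line rather than ship it, or if request-level diagnostics are needed, log only a non-sensitive field behind an explicit debug flag, e.g. `if (process.env.AUTH_DEBUG === "1") console.debug("middleware: user id", user?.id);` — hedged, since the shape of `user` is not visible here. `middleware` starts before this hunk and continues after it.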
@@ -164,6 +165,56 @@ export const middleware = async (req: NextRequest) => {
     }
   }
+  if (pathname.startsWith("/dev/admin")) {
+    try {
+      const apiBaseUrl =
+        process.env.NEXT_PUBLIC_API_URL || new URL(req.url).origin;
+      const userValidateResponse = await fetch(
+        `${apiBaseUrl}/api/user-validate`,
+        {
+          headers: {
+            "Content-Type": "application/json",
+            Authorization: `Bearer ${token}`,
+          },
+        }
+      );
+
+      if (!userValidateResponse.ok) {
+        console.error(
+          "User validation failed:",
+          userValidateResponse.statusText
+        );
+        return setCorsHeaders(unauthorizedResponseAPIUserValidate(req));
+      }
+
+      const userValidateJson = await userValidateResponse.json();
+      // console.log("data json >>", userValidateJson.data);
+
+      if (userValidateJson.success === true && !userValidateJson.data) {
+        return setCorsHeaders(unauthorizedResponseDataUserNotFound(req));
+      }
+
+      if (userValidateJson.data.masterUserRoleId === "1") {
+        return setCorsHeaders(unauthorizedResponseUserNotAdmin(req));
+      }
+
+      if (!userValidateJson.data.active) {
+        return setCorsHeaders(unauthorizedResponseUserNotActive(req));
+      }
+    } catch (error) {
+      console.error("Error during user validation API:", error);
+      if (!token) return setCorsHeaders(unauthorizedResponseTokenPAGE());
+      return setCorsHeaders(
+        await unauthorizedResponseValidationUser({
+          loginPath,
+          sessionKey,
+          token,
+          req,
+        })
+      );
+    }
+  }
+
   // Default: proceed with request and add CORS headers
   const response = NextResponse.next();
   return setCorsHeaders(response);
@@ -193,7 +244,6 @@ function getToken(req: NextRequest, sessionKey: string): string | undefined {
   return undefined;
 }
-
 function cookieOptions() {
   return {
     secure: process.env.NODE_ENV === "production",
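Review bot: The `/dev/admin` branch falls back to `new URL(req.url).origin` as the validation endpoint and sends `Authorization: Bearer ${token}` to it; in Next.js middleware `req.url` is built from the incoming request, so unless a trusted proxy pins the Host header a client-supplied Host could receive a valid session token, and the branch should fail closed when `NEXT_PUBLIC_API_URL` is unset (or derive the fallback from a configured host, never from the request). Two smaller gaps in the same branch: the `if (!token)` guard sits in the `catch` after the request has already gone out as `Bearer undefined`, and `userValidateJson.success === true && !userValidateJson.data` lets a `success: false` envelope fall through to `userValidateJson.data.masterUserRoleId`, which only fails by TypeError into the catch path. The `=== "1"` role test is also a deny-list: any other or missing `masterUserRoleId` — or a numeric `1` if the API ever returns a number — is treated as admin, so an allow-list of admin role ids would be safer if those ids are known. The rewrite below moves the token guard up, requires the configured base URL, rejects every non-success envelope, and normalises the role id before comparing; `middleware` itself starts before this hunk.
```typescript
  if (pathname.startsWith("/dev/admin")) {
    // Guard first: without a token the upstream call would carry "Bearer undefined".
    if (!token) return setCorsHeaders(unauthorizedResponseTokenPAGE());

    // Only ever talk to the configured validation API. req.url is built from the
    // incoming request, so deriving the origin from it could hand the bearer
    // token to whatever Host the client supplied; fail closed if unconfigured.
    const apiBaseUrl = process.env.NEXT_PUBLIC_API_URL;
    if (!apiBaseUrl) {
      console.error("NEXT_PUBLIC_API_URL is not set; refusing /dev/admin access");
      return setCorsHeaders(unauthorizedResponseAPIUserValidate(req));
    }

    try {
      const userValidateResponse = await fetch(
        `${apiBaseUrl}/api/user-validate`,
        {
          headers: {
            "Content-Type": "application/json",
            Authorization: `Bearer ${token}`,
          },
        }
      );
      // … unchanged: !userValidateResponse.ok handling …

      const userValidateJson = await userValidateResponse.json();

      // Reject any envelope that is not an explicit success with a user payload,
      // instead of reaching into .data of a failed response.
      if (userValidateJson.success !== true || !userValidateJson.data) {
        return setCorsHeaders(unauthorizedResponseDataUserNotFound(req));
      }

      // Normalise before comparing so a numeric 1 from the API is not treated as admin.
      if (String(userValidateJson.data.masterUserRoleId) === "1") {
        return setCorsHeaders(unauthorizedResponseUserNotAdmin(req));
      }
      // … unchanged: active check and catch block (its !token branch is now redundant) …
```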
@@ -331,6 +381,10 @@ function unauthorizedResponseUserNotActive(req: NextRequest) {
   );
 }
+function unauthorizedResponseUserNotAdmin(req: NextRequest) {
+  return setCorsHeaders(NextResponse.redirect(new URL("/dev/home", req.url)));
+}
+
 async function unauthorizedResponseValidationUser({
   loginPath,
   sessionKey,
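Review bot: `unauthorizedResponseUserNotAdmin` applies `setCorsHeaders` itself while its only call site in the `/dev/admin` branch wraps the result in `setCorsHeaders` again; pick one place, matching whatever the sibling `unauthorizedResponse*` helpers do, and state the contract on the helper: `// Page redirect for a validated but non-admin user (masterUserRoleId "1") on /dev/admin; CORS headers are set here, callers need not re-wrap.` The target is built as `new URL("/dev/home", req.url)`, so the redirect stays on the request's own origin and is not an open-redirect concern.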