wibu/hipmi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #278 from bipproduction/bagas/5-feb-25

Browse Source 
Bagas/5 feb 25
This commit is contained in:
Bagasbanuna02
2025-02-05 17:53:56 +08:00
committed by GitHub
parent 4e1224af8f 61f8e03c73
commit ae7a928d69
59 changed files with 917 additions and 1547 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
src/app/auth/_lib/decrypt.ts → src/app/(auth)/_lib/decrypt.ts
View File

0
src/app/auth/_lib/encrypt.ts → src/app/(auth)/_lib/encrypt.ts
View File

0
src/app/auth/_lib/session_create.ts → src/app/(auth)/_lib/session_create.ts
View File

0
src/app/(user)/login/page.tsx → src/app/(auth)/login/page.tsx
View File

0
src/app/(user)/register/page.tsx → src/app/(auth)/register/page.tsx
View File

0
src/app/(user)/splash/page.tsx → src/app/(auth)/splash/page.tsx
View File

0
src/app/(user)/validasi/page.tsx → src/app/(auth)/validasi/page.tsx
View File

0
src/app/(user)/waiting-room/page.tsx → src/app/(auth)/waiting-room/page.tsx
View File

39
src/app/api/auth/code/route.ts → src/app/api/auth/code/[id]/route.ts
View File

@@ -1,8 +1,12 @@
import { prisma } from "@/app/lib";
import backendLogger from "@/util/backendLogger";
import { NextResponse } from "next/server";
export { DELETE };
async function DELETE(request: Request) {
async function DELETE(
request: Request,
{ params }: { params: { id: string } }
) {
if (request.method !== "DELETE") {
return NextResponse.json(
{ success: false, message: "Method not allowed" },
@@ -10,39 +14,24 @@ async function DELETE(request: Request) {
);
}
try {
// Ambil parameter nomor dari URL
const { searchParams } = new URL(request.url);
const nomor = searchParams.get("nomor");
// Ambil parameter id dari URL
const { id } = params;
// Validasi parameter nomor
if (!nomor) {
if (!id) {
return NextResponse.json(
{
success: false,
message: "Parameter 'nomor' diperlukan",
message: "Parameter 'id' diperlukan",
},
{ status: 400 }
);
}
// Cek apakah data OTP dengan nomor tersebut ada
const existingOtp = await prisma.kodeOtp.findFirst({
where: { nomor },
});
if (!existingOtp) {
return NextResponse.json(
{
success: false,
message: "Data OTP tidak ditemukan",
},
{ status: 404 }
);
}
// Hapus data OTP
await prisma.kodeOtp.deleteMany({
where: { nomor },
await prisma.kodeOtp.delete({
where: {
id: id,
},
});
return NextResponse.json(
@@ -53,7 +42,7 @@ async function DELETE(request: Request) {
{ status: 200 }
);
} catch (error) {
console.error("Error deleting OTP:", error);
backendLogger.error("Error deleting OTP:", error);
return NextResponse.json(
{
success: false,

87
src/app/api/auth/register/route.ts
View File

@@ -1,11 +1,19 @@
import { sessionCreate } from "@/app/auth/_lib/session_create";
import { sessionCreate } from "@/app/(auth)/_lib/session_create";
import prisma from "@/app/lib/prisma";
import backendLogger from "@/util/backendLogger";
import { NextResponse } from "next/server";
export async function POST(req: Request) {
if (req.method === "POST") {
if (req.method !== "POST") {
return NextResponse.json(
{ success: false, message: "Method Not Allowed" },
{ status: 405 }
);
}
try {
const { data } = await req.json();
console.log("data api register", data);
const cekUsername = await prisma.user.findUnique({
where: {
@@ -13,46 +21,51 @@ export async function POST(req: Request) {
},
});
try {
if (cekUsername)
return NextResponse.json(
{ success: false, message: "Username sudah digunakan" },
{ status: 400 }
);
const createUser = await prisma.user.create({
data: {
username: data.username,
nomor: data.nomor,
active: false,
},
if (cekUsername)
return NextResponse.json({
success: false,
message: "Username sudah digunakan",
});
const token = await sessionCreate({
sessionKey: process.env.NEXT_PUBLIC_BASE_SESSION_KEY!,
encodedKey: process.env.NEXT_PUBLIC_BASE_TOKEN_KEY!,
user: createUser as any,
});
const createUser = await prisma.user.create({
data: {
username: data.username,
nomor: data.nomor,
active: false,
},
});
if (!createUser)
return NextResponse.json(
{ success: true, message: "Berhasil Login", data: createUser },
{ status: 200 }
);
} catch (error) {
backendLogger.log("Error registrasi:", error);
return NextResponse.json(
{
success: false,
message: "Server Error",
reason: (error as Error).message,
},
{ success: false, message: "Gagal Registrasi" },
{ status: 500 }
);
}
}
return NextResponse.json(
{ success: false, message: "Method Not Allowed" },
{ status: 405 }
);
const token = await sessionCreate({
sessionKey: process.env.NEXT_PUBLIC_BASE_SESSION_KEY!,
encodedKey: process.env.NEXT_PUBLIC_BASE_TOKEN_KEY!,
user: createUser as any,
});
return NextResponse.json(
{
success: true,
message: "Registrasi Berhasil, Anda Sedang Login",
// data: createUser,
},
{ status: 201 }
);
} catch (error) {
backendLogger.error("Error registrasi:", error);
return NextResponse.json(
{
success: false,
message: "Maaf, Terjadi Keselahan",
reason: (error as Error).message,
},
{ status: 500 }
);
} finally {
await prisma.$disconnect();
}
}

101
src/app/api/auth/resend/route.ts
View File

@@ -1,69 +1,72 @@
import { prisma } from "@/app/lib";
import { randomOTP } from "@/app_modules/auth/fun/rondom_otp";
import backendLogger from "@/util/backendLogger";
import { NextResponse } from "next/server";
export async function POST(req: Request) {
if (req.method === "POST") {
if (req.method !== "POST") {
return NextResponse.json(
{ success: false, message: "Method Not Allowed" },
{ status: 405 }
);
}
try {
const codeOtp = randomOTP();
const body = await req.json();
const { nomor } = body;
try {
const res = await fetch(
`https://wa.wibudev.com/code?nom=${nomor}&text=HIPMI - Kode ini bersifat RAHASIA dan JANGAN DI BAGIKAN KEPADA SIAPAPUN, termasuk anggota ataupun pengurus HIPMI lainnya.
const res = await fetch(
`https://wa.wibudev.com/code?nom=${nomor}&text=HIPMI - Kode ini bersifat RAHASIA dan JANGAN DI BAGIKAN KEPADA SIAPAPUN, termasuk anggota ataupun pengurus HIPMI lainnya.
\n
>> Kode OTP anda: ${codeOtp}.
`
);
const sendWa = await res.json();
if (sendWa.status !== "success")
return NextResponse.json(
{
success: false,
message: "Nomor Whatsapp Tidak Aktif",
},
{ status: 400 }
);
const createOtpId = await prisma.kodeOtp.create({
data: {
nomor: nomor,
otp: codeOtp,
},
});
if (!createOtpId)
return NextResponse.json(
{
success: false,
message: "Gagal Membuat Kode OTP",
},
{ status: 400 }
);
return NextResponse.json(
{
success: true,
message: "Kode Verifikasi Dikirim",
kodeId: createOtpId.id,
},
{ status: 200 }
);
} catch (error) {
console.log(error);
);
const sendWa = await res.json();
if (sendWa.status !== "success")
return NextResponse.json(
{
success: false,
message: "Server Whatsapp Error !!",
message: "Nomor Whatsapp Tidak Aktif",
},
{ status: 500 }
{ status: 400 }
);
}
const createOtpId = await prisma.kodeOtp.create({
data: {
nomor: nomor,
otp: codeOtp,
},
});
if (!createOtpId)
return NextResponse.json(
{
success: false,
message: "Gagal Membuat Kode OTP",
},
{ status: 400 }
);
return NextResponse.json(
{
success: true,
message: "Kode Verifikasi Dikirim",
kodeId: createOtpId.id,
},
{ status: 200 }
);
} catch (error) {
backendLogger.error(" Error Resend OTP", error);
return NextResponse.json(
{
success: false,
message: "Server Whatsapp Error !!",
},
{ status: 500 }
);
} finally {
await prisma.$disconnect();
}
return NextResponse.json(
{ success: false, message: "Method Not Allowed" },
{ status: 405 }
);
}

4
src/app/api/auth/validasi/route.ts
View File

@@ -1,4 +1,4 @@
import { sessionCreate } from "@/app/auth/_lib/session_create";
import { sessionCreate } from "@/app/(auth)/_lib/session_create";
import prisma from "@/app/lib/prisma";
import backendLogger from "@/util/backendLogger";
import { NextResponse } from "next/server";
@@ -52,7 +52,7 @@ export async function POST(req: Request) {
return NextResponse.json(
{
success: false,
message: "API Error or Server Error",
message: "Maaf, Terjadi Keselahan",
reason: (error as Error).message,
},
{ status: 500 }

6
src/app/api/user-validate/route.ts
View File

@@ -1,4 +1,4 @@
import { decrypt } from "@/app/auth/_lib/decrypt";
import { decrypt } from "@/app/(auth)/_lib/decrypt";
import { prisma } from "@/app/lib";
import { cookies } from "next/headers";
import { NextRequest, NextResponse } from "next/server";
@@ -32,7 +32,6 @@ export async function GET(req: NextRequest) {
});
// Disconnect after successful query
await prisma.$disconnect();
return NextResponse.json({
success: true,
@@ -41,7 +40,6 @@ export async function GET(req: NextRequest) {
});
} catch (error) {
// Ensure connection is closed even if error occurs
await prisma.$disconnect();
console.error("Error in user validation:", error);
return NextResponse.json(
@@ -51,5 +49,7 @@ export async function GET(req: NextRequest) {
},
{ status: 500 }
);
} finally {
await prisma.$disconnect();
}
}

2
src/app/api/user/get-cookies/route.ts
View File

@@ -1,4 +1,4 @@
import { decrypt } from "@/app/auth/_lib/decrypt";
import { decrypt } from "@/app/(auth)/_lib/decrypt";
import _ from "lodash";
import { cookies } from "next/headers";
import { NextResponse } from "next/server";

2
src/app/api/user/route.ts
View File

@@ -1,5 +1,5 @@
import { decrypt } from "@/app/auth/_lib/decrypt";
import { decrypt } from "@/app/(auth)/_lib/decrypt";
import _ from "lodash";
import { cookies } from "next/headers";
import { NextResponse } from "next/server";

3
src/app/api/validation/route.ts
View File

@@ -1,10 +1,9 @@
import { NextResponse } from "next/server";
export async function GET(req: Request) {
const auth = req.headers.get("Authorization");
const token = auth?.split(" ")[1];
if (!token) return NextResponse.json({ success: false }, { status: 401 });
return NextResponse.json({ success: true });

25
src/app/auth/api/login/route.ts
View File

@@ -1,25 +0,0 @@
import { prisma } from "@/app/lib";
import { sessionCreate } from "../../_lib/session_create";
import { NextResponse } from "next/server";
export async function POST(req: Request) {
const user = await prisma.user.findUnique({
where: {
nomor: "6281339158911",
},
select: {
id: true,
nomor: true,
},
});
if (!user) return NextResponse.json({ success: false }, { status: 404 });
const token = await sessionCreate({
sessionKey: process.env.NEXT_PUBLIC_BASE_SESSION_KEY!,
encodedKey: process.env.NEXT_PUBLIC_BASE_TOKEN_KEY!,
user: user as any,
});
return NextResponse.json({ success: true, token });
}

8
src/app/auth/api/logout/route.ts
View File

@@ -1,8 +0,0 @@
import { cookies } from "next/headers";
import { NextResponse } from "next/server";
export async function GET() {
const del = cookies().delete(process.env.NEXT_PUBLIC_BASE_SESSION_KEY!);
return NextResponse.json({ success: true, message: "Logout Berhasil" });
}

39
src/app/auth/login/page.tsx
View File

@@ -1,39 +0,0 @@
"use client";
import { Button } from "@mantine/core";
import { useState } from "react";
export default function Page() {
const [loading, setLoading] = useState(false);
async function login() {
setLoading(true);
try {
const res = await fetch("/auth/api/login", {
method: "POST",
});
const dataText = await res.text();
if (!res.ok) {
console.error(dataText);
throw new Error(res.statusText);
}
const dataJson = JSON.parse(dataText);
console.log(dataJson);
// window.location.replace("/dev/home");
} catch (error) {
console.error(error);
} finally {
setLoading(false);
}
}
return (
<>
<Button loading={loading} onClick={login}>
Login
</Button>
</>
);
}

2
src/app_modules/_global/fun/get/fun_get_user_id_by_token.ts
View File

@@ -1,7 +1,7 @@
"use server";
import { cookies } from "next/headers";
import { decrypt } from "../../../../app/auth/_lib/decrypt";
import { decrypt } from "../../../../app/(auth)/_lib/decrypt";
export async function funGetUserIdByToken() {
const SESSION_KEY = process.env.NEXT_PUBLIC_BASE_SESSION_KEY!;

37
src/app_modules/auth/_lib/api_fetch_auth.ts
View File

@@ -3,6 +3,7 @@ export {
apiGetCheckCodeOtp,
apiPostVerifikasiCodeOtp,
apiDeleteAktivasiKodeOtpByNomor,
apiFetchRegister,
};
const apiFetchLogin = async ({ nomor }: { nomor: string }) => {
@@ -35,14 +36,38 @@ const apiPostVerifikasiCodeOtp = async ({ nomor }: { nomor: string }) => {
return await respone.json().catch(() => null);
};
const apiDeleteAktivasiKodeOtpByNomor = async ({
nomor,
}: {
nomor: string;
}) => {
const respone = await fetch(`/api/auth/delete/${nomor}`, {
const apiDeleteAktivasiKodeOtpByNomor = async ({ id }: { id: string }) => {
const respone = await fetch(`/api/auth/code/${id}`, {
method: "DELETE",
headers: {
"Content-Type": "application/json",
},
});
return await respone.json().catch(() => null);
};
const apiFetchRegister = async ({
nomor,
username,
}: {
nomor: string;
username: string;
}) => {
const data = {
username: username,
nomor: nomor,
};
const respone = await fetch("/api/auth/register", {
method: "POST",
body: JSON.stringify({ data }),
headers: {
"Content-Type": "application/json",
},
});
const result = await respone.json();
return result;
// return await respone.json().catch(() => null);
};

80
src/app_modules/auth/register/view.tsx
View File

@@ -14,8 +14,13 @@ import { useState } from "react";
import { auth_funDeleteAktivasiKodeOtpByNomor } from "../fun/fun_edit_aktivasi_kode_otp_by_id";
import Register_SkeletonView from "./skeleton";
import { clientLogger } from "@/util/clientLogger";
import { apiGetCheckCodeOtp } from "../_lib/api_fetch_auth";
import {
apiDeleteAktivasiKodeOtpByNomor,
apiFetchRegister,
apiGetCheckCodeOtp,
} from "../_lib/api_fetch_auth";
import CustomSkeleton from "@/app_modules/components/CustomSkeleton";
import { ComponentGlobal_NotifikasiGagal } from "@/app_modules/_global/notif_global";
export default function Register() {
const router = useRouter();
@@ -24,82 +29,52 @@ export default function Register() {
const [isValue, setIsValue] = useState(false);
const focusTrapRef = useFocusTrap();
const [loading, setLoading] = useState(false);
const [idCode, setIdCode] = useState("");
useShallowEffect(() => {
const kodeId = localStorage.getItem("hipmi_auth_code_id");
if (kodeId != null) {
onCheckAuthCode({ kodeId: kodeId as string, onSetData: setNomor });
onCheckAuthCode({ kodeId: kodeId as string });
} else {
console.log("code id not found");
}
}, [setNomor]);
}, []);
async function onCheckAuthCode({
kodeId,
onSetData,
}: {
kodeId: string;
onSetData: any;
}) {
async function onCheckAuthCode({ kodeId }: { kodeId: string }) {
try {
const respone = await apiGetCheckCodeOtp({ id: kodeId });
if (respone) {
onSetData(respone.nomor);
setIdCode(kodeId);
setNomor(respone.nomor);
}
} catch (error) {
clientLogger.error("Error onCheckAuthCode:", error);
}
// const res = await fetch(`/api/auth/check?id=${kodeId}`);
// const result = await res.json();
}
async function onRegistarsi() {
const data = {
username: value,
nomor: nomor,
};
try {
setLoading(true);
const res = await fetch("/api/auth/register", {
method: "POST",
body: JSON.stringify({
data,
}),
headers: {
"Content-Type": "application/json",
},
});
const result = await res.json();
if (res.status === 200) {
ComponentGlobal_NotifikasiBerhasil(result.message);
localStorage.removeItem("hipmi_auth_code_id");
await auth_funDeleteAktivasiKodeOtpByNomor({
nomor: data.nomor,
});
const respone = await apiFetchRegister({ nomor: nomor, username: value });
if (respone.success) {
router.push("/waiting-room", { scroll: false });
return;
}
ComponentGlobal_NotifikasiBerhasil(respone.message);
if (res.status === 400) {
setLoading(false);
ComponentGlobal_NotifikasiPeringatan(result.message);
return;
}
try {
const responeDelete = await apiDeleteAktivasiKodeOtpByNomor({
id: idCode,
});
if (res.status === 405) {
if (responeDelete) {
localStorage.removeItem("hipmi_auth_code_id");
}
} catch (error) {
clientLogger.error("Error apiDeleteAktivasiKodeOtpByNomor:", error);
}
} else {
setLoading(false);
ComponentGlobal_NotifikasiPeringatan(result.message);
return;
}
if (res.status === 500) {
setLoading(false);
ComponentGlobal_NotifikasiPeringatan(result.message);
return;
ComponentGlobal_NotifikasiPeringatan(respone.message);
}
} catch (error) {
setLoading(false);
@@ -162,6 +137,7 @@ export default function Register() {
value.length < 5 ||
_.values(value).includes(" ")
}
style={{ transition: "0.5s" }}
loading={loading ? true : false}
loaderPosition="center"
radius={"md"}

144
src/app_modules/auth/validasi/view.tsx
View File

@@ -1,7 +1,6 @@
"use client";
import { RouterAdminDashboard } from "@/app/lib/router_hipmi/router_admin";
import { RouterHome } from "@/app/lib/router_hipmi/router_home";
import {
AccentColor,
MainColor,
@@ -26,12 +25,9 @@ import { useRouter } from "next/navigation";
import { useEffect, useState } from "react";
import { ComponentGlobal_NotifikasiGagal } from "@/app_modules/_global/notif_global";
import { auth_funDeleteAktivasiKodeOtpByNomor } from "../fun/fun_edit_aktivasi_kode_otp_by_id";
import Validasi_SkeletonView from "./skeleton";
import CustomSkeleton from "@/app_modules/components/CustomSkeleton";
import { clientLogger } from "@/util/clientLogger";
import { IconChevronLeft } from "@tabler/icons-react";
import _ from "lodash";
import CustomSkeleton from "@/app_modules/components/CustomSkeleton";
import {
apiDeleteAktivasiKodeOtpByNomor,
apiGetCheckCodeOtp,
@@ -46,6 +42,7 @@ export default function Validasi() {
const [counter, setCounter] = useState(60);
const [loadingResend, setLoadingResend] = useState(false);
const [triggerOtp, setTriggerOtp] = useState(false);
const [idCode, setIdCode] = useState("");
const [data, setData] = useState({
nomor: "",
@@ -74,7 +71,9 @@ export default function Validasi() {
async function onCheckAuthCode({ kodeId }: { kodeId: string }) {
try {
const respone = await apiGetCheckCodeOtp({ id: kodeId });
if (respone) {
setIdCode(kodeId);
setData({
nomor: respone.nomor,
code: respone.otp,
@@ -101,21 +100,21 @@ export default function Validasi() {
if (respone && respone.success == true) {
if (respone.roleId == "1") {
router.push("/login", { scroll: false });
ComponentGlobal_NotifikasiBerhasil(respone.message);
localStorage.removeItem("hipmi_auth_code_id");
router.push(RouterHome.main_home, { scroll: false });
} else if (respone.roleId != "1") {
ComponentGlobal_NotifikasiBerhasil("Admin berhasil login");
localStorage.removeItem("hipmi_auth_code_id");
router.push(RouterAdminDashboard.splash_admin, { scroll: false });
ComponentGlobal_NotifikasiBerhasil("Admin berhasil login");
}
try {
const responeDelete = await apiDeleteAktivasiKodeOtpByNomor({
nomor: data.nomor,
id: idCode,
});
if (responeDelete) {
localStorage.removeItem("hipmi_auth_code_id");
}
} catch (error) {
clientLogger.error("Error apiDeleteAktivasiKodeOtpByNomor:", error);
}
@@ -123,47 +122,6 @@ export default function Validasi() {
router.push("/register", { scroll: false });
ComponentGlobal_NotifikasiBerhasil(respone.message);
}
// if (respone.status === 200 && result.roleId == "1") {
// ComponentGlobal_NotifikasiBerhasil(result.message);
// localStorage.removeItem("hipmi_auth_code_id");
// await auth_funDeleteAktivasiKodeOtpByNomor({
// nomor: data.nomor,
// });
// router.push(RouterHome.main_home, { scroll: false });
// return;
// }
// if (respone.status === 200 && result.roleId != "1") {
// ComponentGlobal_NotifikasiBerhasil("Admin Logged in");
// localStorage.removeItem("hipmi_auth_code_id");
// await auth_funDeleteAktivasiKodeOtpByNomor({
// nomor: data.nomor,
// });
// router.push(RouterAdminDashboard.splash_admin, { scroll: false });
// return;
// }
// if (respone.status === 404) {
// setLoading(false);
// router.push("/register", { scroll: false });
// ComponentGlobal_NotifikasiBerhasil(result.message);
// return;
// }
// if (respone.status === 400) {
// setLoading(false);
// ComponentGlobal_NotifikasiPeringatan(result.message);
// return;
// }
// if (respone.status == 500) {
// setLoading(false);
// ComponentGlobal_NotifikasiGagal(result.message);
// return;
// }
} catch (error) {
setLoading(false);
clientLogger.error("Error validasi:", error);
@@ -171,9 +129,18 @@ export default function Validasi() {
}
async function onBack() {
localStorage.removeItem("hipmi_auth_code_id");
await auth_funDeleteAktivasiKodeOtpByNomor({ nomor: data.nomor });
router.back();
try {
router.back();
const responeDelete = await apiDeleteAktivasiKodeOtpByNomor({
id: idCode,
});
if (responeDelete) {
localStorage.removeItem("hipmi_auth_code_id");
}
} catch (error) {
clientLogger.error("Error apiDeleteAktivasiKodeOtpByNomor:", error);
}
}
async function onResendCode() {
@@ -197,13 +164,12 @@ export default function Validasi() {
setTriggerOtp(true);
setCounter(60);
setLoadingResend(false);
// router.push("/validasi", { scroll: false });
} else {
setLoadingResend(false);
ComponentGlobal_NotifikasiPeringatan(result.message);
}
} catch (error) {
console.error(error);
clientLogger.error(" Error onResend", error);
setLoadingResend(false);
ComponentGlobal_NotifikasiGagal("Terjadi Kesalahan");
}
@@ -213,7 +179,7 @@ export default function Validasi() {
<>
<UIGlobal_LayoutDefault>
<Stack h={"100vh"}>
{/* <Box
<Box
pt={"md"}
px={"md"}
style={{
@@ -222,9 +188,13 @@ export default function Validasi() {
}}
>
<ActionIcon variant="transparent" onClick={() => onBack()}>
<IconChevronLeft color="white" />
{data && data.nomor !== "" ? (
<IconChevronLeft color="white" />
) : (
""
)}
</ActionIcon>
</Box> */}
</Box>
<Stack align="center" justify="center" h={"100vh"} spacing={50}>
<Title order={2} color={MainColor.yellow}>
@@ -260,31 +230,40 @@ export default function Validasi() {
</Center>
<Stack h={"5vh"} align="center" justify="center">
<Text fs="italic" c={MainColor.white}>
Tidak menerima kode ?{" "}
{counter > 0 ? (
<Text fw={"bold"} inherit span>
{counter + "s"}
</Text>
) : loadingResend ? (
<Loader ml={"sm"} size={"xs"} color="yellow" />
<Group position="center">
<Text fs="italic" c={MainColor.white}>
Tidak menerima kode ?{" "}
</Text>
{data && data.nomor !== "" ? (
counter > 0 ? (
<Text fw={"bold"} c={MainColor.white}>
{counter + "s"}
</Text>
) : loadingResend ? (
<Loader ml={"sm"} size={"xs"} color="yellow" />
) : (
<Text
c={MainColor.white}
onClick={() => {
onResendCode();
}}
fw={"bold"}
>
Kirim ulang
</Text>
)
) : (
<Text
inherit
span
onClick={() => {
onResendCode();
}}
fw={"bold"}
>
Kirim ulang
</Text>
<CustomSkeleton height={20} radius={"xl"} width={20} />
)}
</Text>
</Group>
</Stack>
</Stack>
<Button
w={300}
disabled={inputCode.length < 4 ? true : false}
style={{
transition: "all ease 0.3s",
}}
loading={loading ? true : false}
loaderPosition="center"
radius={"md"}
@@ -293,9 +272,6 @@ export default function Validasi() {
c={"black"}
bg={MainColor.yellow}
color={"yellow"}
style={{
borderColor: AccentColor.yellow,
}}
onClick={() => {
data.nomor == "" && data.code == ""
? null
@@ -305,8 +281,6 @@ export default function Validasi() {
<Text>VERIFIKASI</Text>
</Button>
</Stack>
{/* {data.nomor == "" && data.code == "" ? <Validasi_SkeletonView /> : ""} */}
</Stack>
</UIGlobal_LayoutDefault>
</>

202
src/middleware.ts
View File

@@ -43,8 +43,6 @@ const middlewareConfig: MiddlewareConfig = {
// "/api/admin/voting/dashboard/*",
// "/api/admin/job/dashboard/*",
// "/api/admin/forum/dashboard/*",
// Akses awal
"/api/get-cookie",
@@ -78,134 +76,142 @@ export const middleware = async (req: NextRequest) => {
apiPath,
encodedKey,
loginPath,
// validasiPath,
// registarasiPath,
publicRoutes,
sessionKey,
validationApiRoute,
userPath,
} = middlewareConfig;
const { pathname } = req.nextUrl;
// CORS handling
// Handle CORS
const corsResponse = handleCors(req);
if (corsResponse) {
return setCorsHeaders(corsResponse);
return corsResponse;
}
// Skip authentication for public routes
const isPublicRoute = [
...publicRoutes,
loginPath,
// validasiPath,
// registarasiPath,
].some((route) => {
const pattern = route.replace(/\*/g, ".*");
return new RegExp(`^${pattern}$`).test(pathname);
});
// Always protect validation endpoint
if (pathname === validationApiRoute) {
const reqToken = req.headers.get("Authorization")?.split(" ")[1];
if (!reqToken) {
return setCorsHeaders(unauthorizedResponse());
}
}
if (
isPublicRoute &&
pathname !== loginPath
// &&
// pathname !== validasiPath &&
// pathname !== registarasiPath
) {
// Check if route is public
const isPublicRoute = isRoutePublic(pathname, publicRoutes, loginPath);
if (isPublicRoute && pathname !== loginPath) {
return setCorsHeaders(NextResponse.next());
}
const token =
req.cookies.get(sessionKey)?.value ||
req.headers.get("Authorization")?.split(" ")[1];
// Get token from cookies or Authorization header
const token = getToken(req, sessionKey);
// ==================== Authentication: Login, Validasi, Registrasi ==================== //
// Token verification
// Verify token and get user data
const user = await verifyToken({ token, encodedKey });
// Handle login page access
if (pathname === loginPath) {
if (user) {
return setCorsHeaders(NextResponse.redirect(new URL(userPath, req.url)));
const response = NextResponse.redirect(new URL(userPath, req.url));
// Preserve token in cookie when redirecting
if (token) {
response.cookies.set(sessionKey, token, {
httpOnly: true,
secure: process.env.NODE_ENV === "production",
sameSite: "lax",
path: "/",
});
}
return setCorsHeaders(response);
}
return setCorsHeaders(NextResponse.next());
}
// // Handle validation page access
// if (pathname === validasiPath) {
// if (user) {
// return setCorsHeaders(NextResponse.redirect(new URL(userPath, req.url)));
// }
// return setCorsHeaders(NextResponse.next());
// }
// // Handle register page access
// if (pathname === registarasiPath) {
// if (user) {
// return setCorsHeaders(NextResponse.redirect(new URL(userPath, req.url)));
// }
// return setCorsHeaders(NextResponse.next());
// }
// Handle protected routes
// Redirect to login if no user found
if (!user) {
return setCorsHeaders(NextResponse.redirect(new URL(loginPath, req.url)));
const response = NextResponse.redirect(new URL(loginPath, req.url));
// Clear invalid token
response.cookies.delete(sessionKey);
return setCorsHeaders(response);
}
// ==================== Authentication: Login, Validasi, Registrasi ==================== //
// Handle /dev routes that require active status
if (pathname.startsWith("/dev")) {
const userValidate = await fetch(new URL("/api/user-validate", req.url), {
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${token}`,
},
});
const userValidateJson = await userValidate.json();
if (!userValidateJson.data.active) {
return setCorsHeaders(
NextResponse.redirect(new URL("/waiting-room", req.url))
);
}
}
// Handle authenticated API requests
if (pathname.startsWith(apiPath)) {
const reqToken = req.headers.get("Authorization")?.split(" ")[1];
if (!reqToken) {
return setCorsHeaders(unauthorizedResponse());
}
// Validate user access with external API
const validationResponse = await fetch(
new URL(validationApiRoute, req.url),
{
try {
const userValidate = await fetch(new URL("/api/user-validate", req.url), {
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${reqToken}`,
Authorization: `Bearer ${token}`,
},
}
);
});
if (!validationResponse.ok) {
if (!userValidate.ok) {
throw new Error("Failed to validate user");
}
const userValidateJson = await userValidate.json();
if (!userValidateJson.data.active) {
return setCorsHeaders(
NextResponse.redirect(new URL("/waiting-room", req.url))
);
}
} catch (error) {
console.error("Error validating user:", error);
return setCorsHeaders(unauthorizedResponse());
}
}
// Handle API requests
if (pathname.startsWith(apiPath)) {
if (!token) {
return setCorsHeaders(unauthorizedResponse());
}
const dataJson = await validationResponse.json();
try {
const validationResponse = await fetch(
new URL(validationApiRoute, req.url),
{
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${token}`,
},
}
);
if (!validationResponse.ok) {
throw new Error("Failed to validate API request");
}
} catch (error) {
console.error("Error validating API request:", error);
return setCorsHeaders(unauthorizedResponse());
}
}
// Proceed with the request
return setCorsHeaders(NextResponse.next());
const response = NextResponse.next();
// Ensure token is preserved in cookie
if (token) {
response.cookies.set(sessionKey, token, {
httpOnly: true,
secure: process.env.NODE_ENV === "production",
sameSite: "lax",
path: "/",
});
}
return setCorsHeaders(response);
};
function isRoutePublic(
pathname: string,
publicRoutes: string[],
loginPath: string
): boolean {
return [...publicRoutes, loginPath].some((route) => {
const pattern = route.replace(/\*/g, ".*");
return new RegExp(`^${pattern}$`).test(pathname);
});
}
function getToken(req: NextRequest, sessionKey: string): string | undefined {
return (
req.cookies.get(sessionKey)?.value ||
req.headers.get("Authorization")?.split(" ")[1]
);
}
function unauthorizedResponse(): NextResponse {
return new NextResponse(JSON.stringify({ error: "Unauthorized" }), {
status: 401,
@@ -250,16 +256,6 @@ async function verifyToken({
}): Promise<Record<string, unknown> | null> {
if (!token) return null;
return await decrypt({ token, encodedKey });
}
async function decrypt({
token,
encodedKey,
}: {
token: string;
encodedKey: string;
}): Promise<Record<string, any> | null> {
try {
const enc = new TextEncoder().encode(encodedKey);
const { payload } = await jwtVerify(token, enc, {
@@ -267,7 +263,7 @@ async function decrypt({
});
return (payload.user as Record<string, any>) || null;
} catch (error) {
console.error("Gagal verifikasi session", error);
console.error("Token verification failed:", error);
return null;
}
}
@@ -275,5 +271,3 @@ async function decrypt({
export const config = {
matcher: ["/((?!_next|static|favicon.ico|manifest).*)"],
};
// wibu:0.2.82

284
src/middleware.v2.back.txt Normal file
View File

@@ -0,0 +1,284 @@
import { NextRequest, NextResponse } from "next/server";
import { jwtVerify } from "jose";
import { apies, pages } from "./lib/routes";
type MiddlewareConfig = {
apiPath: string;
loginPath: string;
// validasiPath: string;
// registarasiPath: string;
userPath: string;
publicRoutes: string[];
encodedKey: string;
sessionKey: string;
validationApiRoute: string;
log: boolean;
};
const middlewareConfig: MiddlewareConfig = {
apiPath: "/api",
loginPath: "/login",
// validasiPath: "/validasi",
// registarasiPath: "/register",
userPath: "/dev/home",
publicRoutes: [
// API
"/",
"/api/voting/*",
"/api/collaboration/*",
"/api/notifikasi/*",
"/api/logs/*",
"/api/job/*",
"/api/auth/*",
"/api/origin-url",
"/api/event/*",
// "/api/master/*",
// "/api/image/*",
// "/api/user/*",
// "/api/new/*",
// ADMIN API
// "/api/admin/event/*",
// "/api/admin/investasi/*",
// "/api/admin/donasi/dashboard/*",
// "/api/admin/voting/dashboard/*",
// "/api/admin/job/dashboard/*",
// "/api/admin/forum/dashboard/*",
// Akses awal
"/api/get-cookie",
"/api/user/activation",
"/api/user-validate",
// PAGE
"/login",
"/register",
"/validasi",
"/splash",
"/job-vacancy",
"/preview-image",
"/auth/login",
"/auth/api/login",
"/waiting-room",
"/zCoba/*",
// ASSETS
"/aset/global/main_background.png",
"/aset/logo/logo-hipmi.png",
],
encodedKey: process.env.NEXT_PUBLIC_BASE_TOKEN_KEY!,
sessionKey: process.env.NEXT_PUBLIC_BASE_SESSION_KEY!,
validationApiRoute: "/api/validation",
log: false,
};
export const middleware = async (req: NextRequest) => {
const {
apiPath,
encodedKey,
loginPath,
// validasiPath,
// registarasiPath,
publicRoutes,
sessionKey,
validationApiRoute,
userPath,
} = middlewareConfig;
const { pathname } = req.nextUrl;
// CORS handling
const corsResponse = handleCors(req);
if (corsResponse) {
return setCorsHeaders(corsResponse);
}
// Skip authentication for public routes
const isPublicRoute = [
...publicRoutes,
loginPath,
// validasiPath,
// registarasiPath,
].some((route) => {
const pattern = route.replace(/\*/g, ".*");
return new RegExp(`^${pattern}$`).test(pathname);
});
// Always protect validation endpoint
if (pathname === validationApiRoute) {
const reqToken = req.headers.get("Authorization")?.split(" ")[1];
if (!reqToken) {
return setCorsHeaders(unauthorizedResponse());
}
}
if (
isPublicRoute &&
pathname !== loginPath
// &&
// pathname !== validasiPath &&
// pathname !== registarasiPath
) {
return setCorsHeaders(NextResponse.next());
}
const token =
req.cookies.get(sessionKey)?.value ||
req.headers.get("Authorization")?.split(" ")[1];
// ==================== Authentication: Login, Validasi, Registrasi ==================== //
// Token verification
const user = await verifyToken({ token, encodedKey });
console.log("middlaware console:", user);
// Handle login page access
if (pathname === loginPath) {
console.log("cek pathname >>", pathname);
if (user) {
console.log("sudah login, cek user >>", user);
return setCorsHeaders(NextResponse.redirect(new URL(userPath, req.url)));
}
return setCorsHeaders(NextResponse.next());
}
if (!user) {
return setCorsHeaders(NextResponse.redirect(new URL(loginPath, req.url)));
}
// // Handle validation page access
// if (pathname === validasiPath) {
// if (user) {
// return setCorsHeaders(NextResponse.redirect(new URL(userPath, req.url)));
// }
// return setCorsHeaders(NextResponse.next());
// }
// // Handle register page access
// if (pathname === registarasiPath) {
// if (user) {
// return setCorsHeaders(NextResponse.redirect(new URL(userPath, req.url)));
// }
// return setCorsHeaders(NextResponse.next());
// }
// Handle protected routes
// if (!user) {
// return setCorsHeaders(NextResponse.redirect(new URL(loginPath, req.url)));
// }
// ==================== Authentication: Login, Validasi, Registrasi ==================== //
if (pathname.startsWith("/dev")) {
const userValidate = await fetch(new URL("/api/user-validate", req.url), {
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${token}`,
},
});
const userValidateJson = await userValidate.json();
if (!userValidateJson.data.active) {
return setCorsHeaders(
NextResponse.redirect(new URL("/waiting-room", req.url))
);
}
}
// Handle authenticated API requests
if (pathname.startsWith(apiPath)) {
const reqToken = req.headers.get("Authorization")?.split(" ")[1];
if (!reqToken) {
return setCorsHeaders(unauthorizedResponse());
}
// Validate user access with external API
const validationResponse = await fetch(
new URL(validationApiRoute, req.url),
{
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${reqToken}`,
},
}
);
if (!validationResponse.ok) {
return setCorsHeaders(unauthorizedResponse());
}
const dataJson = await validationResponse.json();
}
// Proceed with the request
return setCorsHeaders(NextResponse.next());
};
function unauthorizedResponse(): NextResponse {
return new NextResponse(JSON.stringify({ error: "Unauthorized" }), {
status: 401,
headers: { "Content-Type": "application/json" },
});
}
function setCorsHeaders(res: NextResponse): NextResponse {
res.headers.set("Access-Control-Allow-Origin", "*");
res.headers.set(
"Access-Control-Allow-Methods",
"GET, POST, PUT, DELETE, OPTIONS"
);
res.headers.set(
"Access-Control-Allow-Headers",
"Content-Type, Authorization"
);
return res;
}
function handleCors(req: NextRequest): NextResponse | null {
if (req.method === "OPTIONS") {
return new NextResponse(null, {
status: 204,
headers: {
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
"Access-Control-Allow-Headers": "Content-Type, Authorization",
"Access-Control-Max-Age": "86400",
},
});
}
return null;
}
async function verifyToken({
token,
encodedKey,
}: {
token: string | undefined;
encodedKey: string;
}): Promise<Record<string, unknown> | null> {
if (!token) return null;
return await decrypt({ token, encodedKey });
}
async function decrypt({
token,
encodedKey,
}: {
token: string;
encodedKey: string;
}): Promise<Record<string, any> | null> {
try {
const enc = new TextEncoder().encode(encodedKey);
const { payload } = await jwtVerify(token, enc, {
algorithms: ["HS256"],
});
return (payload.user as Record<string, any>) || null;
} catch (error) {
console.error("Gagal verifikasi session", error);
return null;
}
}
export const config = {
matcher: ["/((?!_next|static|favicon.ico|manifest).*)"],
};
// wibu:0.2.82

244
src/middleware.v3.back.txt Normal file
View File

@@ -0,0 +1,244 @@
import { NextRequest, NextResponse } from "next/server";
import { jwtVerify } from "jose";
type MiddlewareConfig = {
apiPath: string;
loginPath: string;
userPath: string;
publicRoutes: string[];
encodedKey: string;
sessionKey: string;
validationApiRoute: string;
log: boolean;
};
const middlewareConfig: MiddlewareConfig = {
apiPath: "/api",
loginPath: "/login",
userPath: "/dev/home",
publicRoutes: [
"/",
"/api/voting/*",
"/api/collaboration/*",
"/api/notifikasi/*",
"/api/logs/*",
"/api/job/*",
"/api/auth/*",
"/api/origin-url",
"/api/event/*",
"/api/get-cookie",
"/api/user/activation",
"/api/user-validate",
"/login",
"/register",
"/validasi",
"/splash",
"/job-vacancy",
"/preview-image",
"/auth/login",
"/auth/api/login",
"/waiting-room",
"/zCoba/*",
"/aset/global/main_background.png",
"/aset/logo/logo-hipmi.png",
],
encodedKey: process.env.NEXT_PUBLIC_BASE_TOKEN_KEY!,
sessionKey: process.env.NEXT_PUBLIC_BASE_SESSION_KEY!,
validationApiRoute: "/api/validation",
log: false,
};
export const middleware = async (req: NextRequest) => {
const {
apiPath,
encodedKey,
loginPath,
publicRoutes,
sessionKey,
validationApiRoute,
userPath,
} = middlewareConfig;
const { pathname } = req.nextUrl;
// Handle CORS
const corsResponse = handleCors(req);
if (corsResponse) {
return corsResponse;
}
// Check if route is public
const isPublicRoute = isRoutePublic(pathname, publicRoutes, loginPath);
if (isPublicRoute && pathname !== loginPath) {
return setCorsHeaders(NextResponse.next());
}
// Get token from cookies or Authorization header
const token = getToken(req, sessionKey);
// Verify token and get user data
const user = await verifyToken({ token, encodedKey });
// Handle login page access
if (pathname === loginPath) {
if (user) {
const response = NextResponse.redirect(new URL(userPath, req.url));
// Preserve token in cookie when redirecting
if (token) {
response.cookies.set(sessionKey, token, {
httpOnly: true,
secure: process.env.NODE_ENV === 'production',
sameSite: 'lax',
path: '/'
});
}
return setCorsHeaders(response);
}
return setCorsHeaders(NextResponse.next());
}
// Redirect to login if no user found
if (!user) {
const response = NextResponse.redirect(new URL(loginPath, req.url));
// Clear invalid token
response.cookies.delete(sessionKey);
return setCorsHeaders(response);
}
// Handle /dev routes that require active status
if (pathname.startsWith("/dev")) {
try {
const userValidate = await fetch(new URL("/api/user-validate", req.url), {
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${token}`,
},
});
if (!userValidate.ok) {
throw new Error('Failed to validate user');
}
const userValidateJson = await userValidate.json();
if (!userValidateJson.data.active) {
return setCorsHeaders(
NextResponse.redirect(new URL("/waiting-room", req.url))
);
}
} catch (error) {
console.error('Error validating user:', error);
return setCorsHeaders(unauthorizedResponse());
}
}
// Handle API requests
if (pathname.startsWith(apiPath)) {
if (!token) {
return setCorsHeaders(unauthorizedResponse());
}
try {
const validationResponse = await fetch(
new URL(validationApiRoute, req.url),
{
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${token}`,
},
}
);
if (!validationResponse.ok) {
throw new Error('Failed to validate API request');
}
} catch (error) {
console.error('Error validating API request:', error);
return setCorsHeaders(unauthorizedResponse());
}
}
const response = NextResponse.next();
// Ensure token is preserved in cookie
if (token) {
response.cookies.set(sessionKey, token, {
httpOnly: true,
secure: process.env.NODE_ENV === 'production',
sameSite: 'lax',
path: '/'
});
}
return setCorsHeaders(response);
};
function isRoutePublic(pathname: string, publicRoutes: string[], loginPath: string): boolean {
return [...publicRoutes, loginPath].some((route) => {
const pattern = route.replace(/\*/g, ".*");
return new RegExp(`^${pattern}$`).test(pathname);
});
}
function getToken(req: NextRequest, sessionKey: string): string | undefined {
return req.cookies.get(sessionKey)?.value ||
req.headers.get("Authorization")?.split(" ")[1];
}
function unauthorizedResponse(): NextResponse {
return new NextResponse(JSON.stringify({ error: "Unauthorized" }), {
status: 401,
headers: { "Content-Type": "application/json" },
});
}
function setCorsHeaders(res: NextResponse): NextResponse {
res.headers.set("Access-Control-Allow-Origin", "*");
res.headers.set(
"Access-Control-Allow-Methods",
"GET, POST, PUT, DELETE, OPTIONS"
);
res.headers.set(
"Access-Control-Allow-Headers",
"Content-Type, Authorization"
);
return res;
}
function handleCors(req: NextRequest): NextResponse | null {
if (req.method === "OPTIONS") {
return new NextResponse(null, {
status: 204,
headers: {
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
"Access-Control-Allow-Headers": "Content-Type, Authorization",
"Access-Control-Max-Age": "86400",
},
});
}
return null;
}
async function verifyToken({
token,
encodedKey,
}: {
token: string | undefined;
encodedKey: string;
}): Promise<Record<string, unknown> | null> {
if (!token) return null;
try {
const enc = new TextEncoder().encode(encodedKey);
const { payload } = await jwtVerify(token, enc, {
algorithms: ["HS256"],
});
return (payload.user as Record<string, any>) || null;
} catch (error) {
console.error("Token verification failed:", error);
return null;
}
}
export const config = {
matcher: ["/((?!_next|static|favicon.ico|manifest).*)"],
};