Merge pull request #155 from bipproduction/fix/bug/user

Fix version 1.2.15

CHANGELOG.md

@@ -2,6 +2,8 @@
 
 All notable changes to this project will be documented in this file. See [commit-and-tag-version](https://github.com/absolute-version/commit-and-tag-version) for commit guidelines.
 
+## [1.2.15](https://github.com/bipproduction/hipmi/compare/v1.2.14...v1.2.15) (2024-12-03)
+
 ## [1.2.14](https://github.com/bipproduction/hipmi/compare/v1.2.13...v1.2.14) (2024-12-03)
 
 ## [1.2.13](https://github.com/bipproduction/hipmi/compare/v1.2.12...v1.2.13) (2024-12-03)

package.json

@@ -1,6 +1,6 @@
 {
   "name": "hipmi",
-  "version": "1.2.14",
+  "version": "1.2.15",
   "private": true,
   "prisma": {
     "seed": "npx tsx prisma/seed.ts --yes"

src/app/dev/(user)/layout.tsx

@@ -0,0 +1,20 @@
+import { RouterAdminDashboard } from "@/app/lib/router_hipmi/router_admin";
+import { funGetUserIdByToken } from "@/app_modules/_global/fun/get";
+import { funGlobal_getUserById } from "@/app_modules/_global/fun/get/fun_get_user_by_id";
+import { redirect } from "next/navigation";
+
+export default async function Layout({
+  children,
+}: {
+  children: React.ReactNode;
+}) {
+  const userLoginId = await funGetUserIdByToken();
+  const dataUser = await funGlobal_getUserById({
+    userId: userLoginId as string,
+  });
+
+  if (dataUser?.masterUserRoleId != "1")
+    return redirect(RouterAdminDashboard.splash_admin);
+
+  return <>{children}</>;
+}

src/app_modules/_global/fun/get/fun_get_user_id_by_token.ts

@@ -3,10 +3,17 @@
 import { prisma } from "@/app/lib";
 import { ServerEnv } from "@/app/lib/server_env";
 import { unsealData } from "iron-session";
+import { jwtVerify } from "jose";
 import { cookies } from "next/headers";
 
 export async function funGetUserIdByToken() {
-   const c = cookies().get(process.env.NEXT_PUBLIC_BASE_SESSION_KEY!);
+  const c = cookies().get(process.env.NEXT_PUBLIC_BASE_SESSION_KEY!);
+
+  const cekUser = await decrypt({
+    token: c?.value as string,
+    encodedKey: process.env.NEXT_PUBLIC_BASE_TOKEN_KEY!,
+  });
+
 
   //  const token = JSON.parse(
   //    await unsealData(c?.value as string, {
@@ -15,13 +22,32 @@ export async function funGetUserIdByToken() {
   //  );
   //  return token.id;
 
-  const token = c?.value
+  // const token = c?.value;
-  const cekToken = await prisma.userSession.findFirst({
+  // const cekToken = await prisma.userSession.findFirst({
-    where: {
+  //   where: {
-      token: token,
+  //     token: token,
-    },
+  //   },
-  });
+  // });
 
   // if (cekToken === null) return null
-  return cekToken?.userId
+  return cekUser?.id;
+}
+
+async function decrypt({
+  token,
+  encodedKey,
+}: {
+  token: string;
+  encodedKey: string;
+}): Promise<Record<string, any> | null> {
+  try {
+    const enc = new TextEncoder().encode(encodedKey);
+    const { payload } = await jwtVerify(token, enc, {
+      algorithms: ["HS256"],
+    });
+    return (payload.user as Record<string, any>) || null;
+  } catch (error) {
+    console.error("Gagal verifikasi session", error);
+    return null;
+  }
 }