clqms-be/app/Controllers/Auth.php

<?php

namespace App\Controllers;

use CodeIgniter\API\ResponseTrait;
use CodeIgniter\Controller;

use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use Firebase\JWT\ExpiredException;
use Firebase\JWT\SignatureInvalidException;
use Firebase\JWT\BeforeValidException;
use CodeIgniter\Cookie\Cookie;

class Auth extends Controller {
    use ResponseTrait;

    // ok
    public function __construct() {
        $this->db = \Config\Database::connect();
    }

    // ok
    public function checkAuth() {
        $token = $this->request->getCookie('token');
        $key   = getenv('JWT_SECRET');

        // Jika token FE tidak ada langsung kabarkan failed
        if (!$token) {
            return $this->respond([
                'status'  => 'failed',
                'message' => 'No token found'
            ], 401);
        }

        try {
            // Decode Token dengan Key yg ada di .env
            $decodedPayload = JWT::decode($token, new Key($key, 'HS256'));

            return $this->respond([
                'status'  => 'success',
                'message' => 'Authenticated',
                'data'    => $decodedPayload
            ], 200);

        } catch (ExpiredException $e) {
            return $this->respond([
                'status'  => 'failed',
                'message' => 'Token expired',
                'data'    => []
            ], 401);

        } catch (SignatureInvalidException $e) {
            return $this->respond([
                'status'  => 'failed',
                'message' => 'Invalid token signature',
                'data'    => []
            ], 401);

        } catch (BeforeValidException $e) {
            return $this->respond([
                'status'  => 'failed',
                'message' => 'Token not valid yet',
                'data'    => []
            ], 401);

        } catch (\Exception $e) {
            return $this->respond([
                'status'  => 'failed',
                'message' => 'Invalid token: ' . $e->getMessage(),
                'data'    => []
            ], 401);
        }
    }

    // ok
    public function login() {

        // Ambil dari JSON Form dan Key .env
        $username = $this->request->getVar('username');
        $password = $this->request->getVar('password');
        $key = getenv('JWT_SECRET');

        if (!$username) {
            return $this->fail('Username required.', 400);
        }

        $sql = "SELECT * FROM users WHERE username=" . $this->db->escape($username);
        $query = $this->db->query($sql);
        $row = $query->getRowArray();

        if (!$row) {
            return $this->fail('User not found.', 401);
        }

        if (!password_verify($password, $row['password'])) {
            return $this->fail('Invalid password.', 401);
        }

        // Buat JWT payload
        $payload = [
            'userid'   => $row['id'],
            'username' => $row['username'],
            'exp'      => time() + 86400 // 1 hari
        ];

        try {
            // Melakukan Hash terhadap Payload dengan Kunci .env menggunakan Algortima HMAC + SHA-256
            $jwt = JWT::encode($payload, $key, 'HS256');
        } catch (Exception $e) {
            return $this->fail('Error generating JWT: ' . $e->getMessage(), 500);
        }

        // Kirim Respon ke HttpOnly yg akan disimpan di browser dan tidak akan dapat diakses oleh siapapun
        $this->response->setCookie([
            'name'     => 'token',              // nama token
            'value'    => $jwt,                 // value dari jwt yg sudah di hash
            'expire'   => 86400,                // 1 hari
            'path'     => '/',                  // valid untuk semua path
            'secure'   => true,                 // set true kalau sudah HTTPS
            'httponly' => true,                 // dipakai agar cookie berikut tidak dapat diakses oleh javascript
            'samesite' => Cookie::SAMESITE_NONE 
        ]);

        // Response tanpa token di body
        return $this->respond([
            'status'  => 'success',
            'message' => 'Login successful'
        ], 200);
    }

    // ok
    public function logout() {
        // Definisikan ini pada cookies browser, harus sama dengan cookies login
        return $this->response->setCookie([
            'name'     => 'token',
            'value'    => '',
            'expire'   => time() - 3600,
            'path'     => '/',
            'secure'   => true,   
            'httponly' => true,
            'samesite' => Cookie::SAMESITE_NONE
        
        ])->setJSON([
            'status'    => 'success', 
            'message'   => 'Logout successful'
        ], 200);
    }

    // ok
    public function register() {

        $username = $this->request->getJsonVar('username');
        $password = $this->request->getJsonVar('password');

        // Validasi 
        if (empty($username) || empty($password)) {
            return $this->respond([
                'status'  => 'failed',
                'message' => 'Username and password are required'
            ], 400); // Gunakan 400 Bad Request
        }

        $password = password_hash($password, PASSWORD_DEFAULT);
        $sql = "INSERT INTO users(username, password) values('$username', '$password')";
        
        return $this->respond([
            'status'  => 'success',
            'message' => 'User '.$username.' created'
        ], 201);
    }

    // public function change_pass() {
    //     $db = \Config\Database::connect();
    //     $username = $this->request->getJsonVar('username');
    //     $password = $this->request->getJsonVar('password');
    //     $password = password_hash($password, PASSWORD_DEFAULT);

    //     $master = $this->request->getJsonVar('master');
    //     $masterkey = getenv('masterkey');

    //     if($master != $masterkey) {
    //         return $this->fail('Invalid master key.', 401);
    //     }

    //     $sql = "update users set password='$password' where username='$username'";
    //     $query = $db->query($sql);
    //     $response = [
    //         'message' => "Password Changed for $username"
    //     ];
    //     return $this->respond($response);
    // }

    public function coba() {
        return $this->respond([
            'status' => 'success',
            'message' => 'Already Login'
        ],200);
    }
    
}
auth done 2025-06-26 14:09:25 +07:00			`<?php`

			`namespace App\Controllers;`

			`use CodeIgniter\API\ResponseTrait;`
			`use CodeIgniter\Controller;`
Update JWT Success 2025-09-03 22:45:57 +07:00
			`use Firebase\JWT\JWT;`
			`use Firebase\JWT\Key;`
			`use Firebase\JWT\ExpiredException;`
			`use Firebase\JWT\SignatureInvalidException;`
			`use Firebase\JWT\BeforeValidException;`
Update JWT for Auth 2025-09-03 15:36:55 +07:00			`use CodeIgniter\Cookie\Cookie;`
auth done 2025-06-26 14:09:25 +07:00
			`class Auth extends Controller {`
			`use ResponseTrait;`

Update JWT Success 2025-09-03 22:45:57 +07:00			`// ok`
auth done 2025-06-26 14:09:25 +07:00			`public function __construct() {`
			`$this->db = \Config\Database::connect();`
			`}`

Update JWT Success 2025-09-03 22:45:57 +07:00			`// ok`
			`public function checkAuth() {`
			`$token = $this->request->getCookie('token');`
			`$key = getenv('JWT_SECRET');`
Update JWT for Auth 2025-09-03 15:36:55 +07:00
Update JWT Success 2025-09-03 22:45:57 +07:00			`// Jika token FE tidak ada langsung kabarkan failed`
			`if (!$token) {`
			`return $this->respond([`
			`'status' => 'failed',`
			`'message' => 'No token found'`
			`], 401);`
			`}`
Update JWT for Auth 2025-09-03 15:36:55 +07:00
Update JWT Success 2025-09-03 22:45:57 +07:00			`try {`
			`// Decode Token dengan Key yg ada di .env`
			`$decodedPayload = JWT::decode($token, new Key($key, 'HS256'));`
Update JWT for Auth 2025-09-03 15:36:55 +07:00
Update JWT Success 2025-09-03 22:45:57 +07:00			`return $this->respond([`
			`'status' => 'success',`
			`'message' => 'Authenticated',`
			`'data' => $decodedPayload`
			`], 200);`
Update JWT for Auth 2025-09-03 15:36:55 +07:00
Update JWT Success 2025-09-03 22:45:57 +07:00			`} catch (ExpiredException $e) {`
			`return $this->respond([`
			`'status' => 'failed',`
			`'message' => 'Token expired',`
			`'data' => []`
			`], 401);`
Update JWT for Auth 2025-09-03 15:36:55 +07:00
Update JWT Success 2025-09-03 22:45:57 +07:00			`} catch (SignatureInvalidException $e) {`
			`return $this->respond([`
			`'status' => 'failed',`
			`'message' => 'Invalid token signature',`
			`'data' => []`
			`], 401);`

			`} catch (BeforeValidException $e) {`
			`return $this->respond([`
			`'status' => 'failed',`
			`'message' => 'Token not valid yet',`
			`'data' => []`
			`], 401);`

			`} catch (\Exception $e) {`
			`return $this->respond([`
			`'status' => 'failed',`
			`'message' => 'Invalid token: ' . $e->getMessage(),`
			`'data' => []`
			`], 401);`
			`}`
			`}`

			`// ok`
auth done 2025-06-26 14:09:25 +07:00			`public function login() {`
Update JWT for Auth 2025-09-03 15:36:55 +07:00
Update JWT Success 2025-09-03 22:45:57 +07:00			`// Ambil dari JSON Form dan Key .env`
auth done 2025-06-26 14:09:25 +07:00			`$username = $this->request->getVar('username');`
			`$password = $this->request->getVar('password');`
			`$key = getenv('JWT_SECRET');`

			`if (!$username) {`
			`return $this->fail('Username required.', 400);`
			`}`
Update JWT for Auth 2025-09-03 15:36:55 +07:00
			`$sql = "SELECT * FROM users WHERE username=" . $this->db->escape($username);`
auth done 2025-06-26 14:09:25 +07:00			`$query = $this->db->query($sql);`
			`$row = $query->getRowArray();`

			`if (!$row) {`
Update JWT for Auth 2025-09-03 15:36:55 +07:00			`return $this->fail('User not found.', 401);`
auth done 2025-06-26 14:09:25 +07:00			`}`
Update JWT for Auth 2025-09-03 15:36:55 +07:00
auth done 2025-06-26 14:09:25 +07:00			`if (!password_verify($password, $row['password'])) {`
			`return $this->fail('Invalid password.', 401);`
			`}`
Update JWT for Auth 2025-09-03 15:36:55 +07:00
Update JWT Success 2025-09-03 22:45:57 +07:00			`// Buat JWT payload`
auth done 2025-06-26 14:09:25 +07:00			`$payload = [`
Update JWT for Auth 2025-09-03 15:36:55 +07:00			`'userid' => $row['id'],`
auth done 2025-06-26 14:09:25 +07:00			`'username' => $row['username'],`
Update JWT Success 2025-09-03 22:45:57 +07:00			`'exp' => time() + 86400 // 1 hari`
auth done 2025-06-26 14:09:25 +07:00			`];`

			`try {`
Update JWT Success 2025-09-03 22:45:57 +07:00			`// Melakukan Hash terhadap Payload dengan Kunci .env menggunakan Algortima HMAC + SHA-256`
auth done 2025-06-26 14:09:25 +07:00			`$jwt = JWT::encode($payload, $key, 'HS256');`
			`} catch (Exception $e) {`
			`return $this->fail('Error generating JWT: ' . $e->getMessage(), 500);`
			`}`

Update JWT Success 2025-09-03 22:45:57 +07:00			`// Kirim Respon ke HttpOnly yg akan disimpan di browser dan tidak akan dapat diakses oleh siapapun`
Update JWT for Auth 2025-09-03 15:36:55 +07:00			`$this->response->setCookie([`
Update JWT Success 2025-09-03 22:45:57 +07:00			`'name' => 'token', // nama token`
			`'value' => $jwt, // value dari jwt yg sudah di hash`
			`'expire' => 86400, // 1 hari`
			`'path' => '/', // valid untuk semua path`
			`'secure' => true, // set true kalau sudah HTTPS`
			`'httponly' => true, // dipakai agar cookie berikut tidak dapat diakses oleh javascript`
			`'samesite' => Cookie::SAMESITE_NONE`
Update JWT for Auth 2025-09-03 15:36:55 +07:00			`]);`

			`// Response tanpa token di body`
			`return $this->respond([`
			`'status' => 'success',`
			`'message' => 'Login successful'`
Update JWT Success 2025-09-03 22:45:57 +07:00			`], 200);`
auth done 2025-06-26 14:09:25 +07:00			`}`

Update JWT Success 2025-09-03 22:45:57 +07:00			`// ok`
			`public function logout() {`
			`// Definisikan ini pada cookies browser, harus sama dengan cookies login`
			`return $this->response->setCookie([`
			`'name' => 'token',`
			`'value' => '',`
			`'expire' => time() - 3600,`
			`'path' => '/',`
			`'secure' => true,`
			`'httponly' => true,`
			`'samesite' => Cookie::SAMESITE_NONE`
auth done 2025-06-26 14:09:25 +07:00
Update JWT Success 2025-09-03 22:45:57 +07:00			`])->setJSON([`
			`'status' => 'success',`
			`'message' => 'Logout successful'`
			`], 200);`
auth done 2025-06-26 14:09:25 +07:00			`}`

Update JWT Success 2025-09-03 22:45:57 +07:00			`// ok`
auth done 2025-06-26 14:09:25 +07:00			`public function register() {`
Update JWT for Auth 2025-09-03 15:36:55 +07:00
auth done 2025-06-26 14:09:25 +07:00			`$username = $this->request->getJsonVar('username');`
			`$password = $this->request->getJsonVar('password');`

Update JWT Success 2025-09-03 22:45:57 +07:00			`// Validasi`
			`if (empty($username) \|\| empty($password)) {`
			`return $this->respond([`
			`'status' => 'failed',`
			`'message' => 'Username and password are required'`
			`], 400); // Gunakan 400 Bad Request`
			`}`

			`$password = password_hash($password, PASSWORD_DEFAULT);`
Update JWT for Auth 2025-09-03 15:36:55 +07:00			`$sql = "INSERT INTO users(username, password) values('$username', '$password')";`
Update JWT Success 2025-09-03 22:45:57 +07:00
			`return $this->respond([`
			`'status' => 'success',`
			`'message' => 'User '.$username.' created'`
			`], 201);`
auth done 2025-06-26 14:09:25 +07:00			`}`

Update JWT Success 2025-09-03 22:45:57 +07:00			`// public function change_pass() {`
			`// $db = \Config\Database::connect();`
			`// $username = $this->request->getJsonVar('username');`
			`// $password = $this->request->getJsonVar('password');`
			`// $password = password_hash($password, PASSWORD_DEFAULT);`
auth done 2025-06-26 14:09:25 +07:00
Update JWT Success 2025-09-03 22:45:57 +07:00			`// $master = $this->request->getJsonVar('master');`
			`// $masterkey = getenv('masterkey');`
auth done 2025-06-26 14:09:25 +07:00
Update JWT Success 2025-09-03 22:45:57 +07:00			`// if($master != $masterkey) {`
			`// return $this->fail('Invalid master key.', 401);`
			`// }`
auth done 2025-06-26 14:09:25 +07:00
Update JWT Success 2025-09-03 22:45:57 +07:00			`// $sql = "update users set password='$password' where username='$username'";`
			`// $query = $db->query($sql);`
			`// $response = [`
			`// 'message' => "Password Changed for $username"`
			`// ];`
			`// return $this->respond($response);`
			`// }`
Update JWT for Auth 2025-09-03 15:36:55 +07:00
Update JWT Success 2025-09-03 22:45:57 +07:00			`public function coba() {`
			`return $this->respond([`
			`'status' => 'success',`
			`'message' => 'Already Login'`
			`],200);`
			`}`

			`}`