diff --git a/app/Config/Routes.php b/app/Config/Routes.php index a779411..947945f 100644 --- a/app/Config/Routes.php +++ b/app/Config/Routes.php @@ -19,12 +19,12 @@ $routes->post('/api/v1/emr/lab/detail', 'NUHATEMP::detail'); $routes->group('api', ['filter' => 'auth'], function($routes) { $routes->get('coba-auth', 'Auth::coba'); }); - $routes->post('/api/auth/login', 'Auth::login'); - $routes->post('/api/auth/change_pass', 'Auth::change_pass'); - $routes->post('/api/auth/register', 'Auth::register'); - $routes->get('/api/auth/check', 'Auth::checkAuth'); - $routes->post('/api/auth/logout', 'Auth::logout'); +$routes->post('/api/auth/login', 'Auth::login'); +$routes->post('/api/auth/change_pass', 'Auth::change_pass'); +$routes->post('/api/auth/register', 'Auth::register'); +$routes->get('/api/auth/check', 'Auth::checkAuth'); +$routes->post('/api/auth/logout', 'Auth::logout'); $routes->get('/api/patient', 'Patient::index'); $routes->post('/api/patient', 'Patient::create'); diff --git a/app/Controllers/Auth.php b/app/Controllers/Auth.php index bede8b8..49832bf 100644 --- a/app/Controllers/Auth.php +++ b/app/Controllers/Auth.php @@ -98,10 +98,12 @@ class Auth extends Controller { } // Buat JWT payload + $exp = time() + 86400; $payload = [ 'userid' => $row['id'], + 'roleid' => $row['role_id'], 'username' => $row['username'], - 'exp' => time() + 86400 // 1 hari + 'exp' => $exp ]; try { @@ -125,6 +127,7 @@ class Auth extends Controller { // Response tanpa token di body return $this->respond([ 'status' => 'success', + 'code' => 200, 'message' => 'Login successful' ], 200); } @@ -142,7 +145,8 @@ class Auth extends Controller { 'samesite' => Cookie::SAMESITE_NONE ])->setJSON([ - 'status' => 'success', + 'status' => 'success', + 'code' => 200, 'message' => 'Logout successful' ], 200); } 
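Review bot: `'roleid' => $row['role_id']` bakes the user's role into a token that lives for a day, so any role change or revocation made after login has no effect until `exp` passes, and every authorization decision that reads `roleid` is only as trustworthy as the signature and `exp` verification done in the `auth` filter, which is outside this hunk and should be confirmed before the claim is relied on. If a stale role is a problem for this application, have the filter re-read the role from the database and treat the claim as a hint only. `$exp = time() + 86400;` also dropped the `// 1 hari` comment that explained the magic number; declare it once, `private const TOKEN_TTL_SECONDS = 86400; // 1 day`, and write `$exp = time() + self::TOKEN_TTL_SECONDS;`. The enclosing method (presumably the login action) starts before this hunk and continues after the `try {`.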
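Review bot: The new `'code' => 200` in the body duplicates the HTTP status already passed as the second argument to `respond()`, and the same duplication is introduced in the logout hunk (`@@ -142,7 +145,8 @@`) and in every response of `register()`, so each response now states its status in two places that can drift apart. If clients need the code inside the JSON, derive both from one value, e.g. `$code = 200; return $this->respond(['status' => 'success', 'code' => $code, 'message' => 'Login successful'], $code);`, or add one private helper taking `(string $status, int $code, string $message)` that builds the array and passes the same `$code` to `respond()`. The enclosing method starts outside this hunk.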
@@ -150,40 +154,50 @@ class Auth extends Controller { // ok public function register() { - $username = $this->request->getJsonVar('username'); + $username = strtolower($this->request->getJsonVar('username')); $password = $this->request->getJsonVar('password'); - // Validasi + // Validasi Awal Dari BE if (empty($username) || empty($password)) { return $this->respond([ 'status' => 'failed', + 'code' => 400, 'message' => 'Username and password are required' ], 400); // Gunakan 400 Bad Request } + // Cek Duplikasi Username + $exists = $this->db->query("SELECT id FROM users WHERE username = ?", [$username])->getRow(); + if ($exists) { + return $this->respond(['status' => 'failed', 'code'=>409,'message' => 'Username already exists'], 409); + } + $hashedPassword = password_hash($password, PASSWORD_DEFAULT); - $sql = "INSERT INTO users(username, password) VALUES(?, ?)"; + + // Mulai transaksi Insert + $this->db->transStart(); + $this->db->query( + "INSERT INTO users(username, password, role_id) VALUES(?, ?, ?)", + [$username, $hashedPassword, 1] + ); + $this->db->transComplete(); - try { - // Jalankan kueri dan binding data secara terpisah - $this->db->query($sql, [$username, $hashedPassword]); - - // Respon sukses jika kueri berhasil - return $this->respond([ - 'status' => 'success', - 'message' => 'User ' . $username . ' successfully created.' - ], 201); // Kode 201 Created sudah benar untuk resource baru - - } catch (\Exception $e) { - - // Tangani error lain-lain + // Cek status transaksi + if ($this->db->transStatus() === false) { return $this->respond([ 'status' => 'error', + 'code' => 500, 'message' => 'Failed to create user. Please try again later.' - ], 500); // Kode 500 Internal Server Error untuk masalah di server + ], 500); } - - + + // Respon sukses jika kueri berhasil + return $this->respond([ + 'status' => 'success', + 'code' => 201, + 'message' => 'User ' . $username . ' successfully created.' + ], 201); + } // public function change_pass() { 
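Review bot: The new `SELECT id FROM users WHERE username = ?` check followed by the INSERT is not atomic, so two concurrent registrations of the same name can both pass the check and both insert, and wrapping the single INSERT in `transStart()`/`transComplete()` does nothing to prevent that (a one-statement transaction adds no atomicity); only a UNIQUE index on `users.username` enforces uniqueness, so keep the pre-check for the friendly 409 but also map a duplicate-key failure of the INSERT to 409. Removing the `try`/`catch` also changes the failure path: if the database layer throws on a failed query (it does in CodeIgniter when debug mode is on, as far as I can tell), the request now ends in an uncaught exception instead of the 500 body, because `transStatus()` only reports failures the driver swallowed. `strtolower($this->request->getJsonVar('username'))` passes `null` to `strtolower()` when the key is missing (deprecated since 8.1) and throws a `TypeError` for a non-string JSON value before the `empty()` guard runs, so coerce first. Finally `role_id` is hard-coded as `1` on an endpoint that the Routes hunk leaves outside the `auth` filter group, i.e. open to anyone; declare `private const DEFAULT_ROLE_ID = 1;` and confirm that id is the least-privileged role, since if it were an administrative role self-registration would grant it. The rewritten body is sketched below.
```php
public function register()
{
    // Coerce before lowercasing: a missing key yields null, a non-string JSON value would throw.
    $username = strtolower((string) ($this->request->getJsonVar('username') ?? ''));
    $password = (string) ($this->request->getJsonVar('password') ?? '');

    // … unchanged: empty-input 400 response and the friendly 409 pre-check …

    $hashedPassword = password_hash($password, PASSWORD_DEFAULT);

    try {
        // A UNIQUE index on users.username is what actually rejects a concurrent duplicate;
        // the SELECT above only gives the nicer error message.
        $this->db->query(
            "INSERT INTO users(username, password, role_id) VALUES(?, ?, ?)",
            [$username, $hashedPassword, self::DEFAULT_ROLE_ID]
        );
    } catch (\Exception $e) {
        // TODO: map the driver's duplicate-key error to the 409 response here; anything else is a 500.
        // … unchanged: 500 response …
    }

    // … unchanged: 201 response …
}
```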
@@ -220,11 +234,6 @@ class Auth extends Controller { 'message' => 'Authenticated', 'data' => $decodedPayload ], 200); - - // return $this->respond([ - // 'status' => 'success', - // 'message' => 'Already Login' - // ],200); } }