// middleware/auth.ts
import {getTimetoMilis, timestampToDate} from "~/utils/helper";
import {signOut} from "next-auth/react";
import { useAccess } from "~/composables/useAccess";
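/**
 * Client-side route guard.
 *
 * Flow, as implemented below:
 *  1. Does nothing during server-side execution (`process.server`).
 *  2. Loads the session via `useSessionLogin('getSess')`.
 *  3. No session: signs out and redirects to `/auth/login` (unless the target
 *     already is the login page), carrying the original query plus
 *     `reason=auth_required` and `continue=true`.
 *  4. Session present: reads the role from `sess.user_payload.typeUser`,
 *     compares it with `to.meta.role`, and redirects to `/auth/401` when the
 *     role is not allowed or `getMergedPages` is falsy.
 *  5. Any thrown error: redirects to `/auth/login` (fail closed) unless the
 *     target already is the login page.
 *
 * NOTE(review): because of step 1 this guard never runs during SSR, and
 * everything it evaluates (session object, role, page map) lives in the
 * browser where the user can alter it. Treat it as a navigation convenience;
 * the authoritative authorization check has to be on the server/API side —
 * confirm that it exists.
 */
export default defineNuxtRouteMiddleware(async (to) => {
  if (process.server) return;

  try {
    const sess: any = await useSessionLogin('getSess');
    // The session object is intentionally NOT written to the console: it may
    // carry tokens or other user data, and console output ends up in
    // screenshots, shared devtools sessions and error-reporting breadcrumbs.

    // If the session does not exist or has expired.
    // NOTE(review): the expiry comparison is disabled, so a present-but-stale
    // session object passes this check. Presumably expiry is enforced by
    // useSessionLogin or by the backend — confirm.
    //if(!sess || getTimetoMilis() >= sess?.user_payload?.expires?.expires_at){
    if (!sess) {
      if (to.path !== '/auth/login') {
        await signOut();
        return navigateTo({
          path: "/auth/login",
          query: {
            ...to.query,
            // Spread first so these two keys cannot be overridden by the
            // incoming query string.
            reason: "auth_required",
            continue: "true",
          },
        });
      }

      // Already heading to the login page: let the navigation proceed.
      return;
    }

    // Get the menu and permissions for the page.
    // roleUser is undefined when the payload lacks typeUser; in that case
    // only routes without a meta.role list pass the role check below.
    const roleUser = sess?.user_payload?.typeUser;
    const { getMergedPages, getPermisionPage } = useAccess(to.path, roleUser);
    const mergedPages = getMergedPages;
    const permisionPage = getPermisionPage;

    // Validate the page permission.
    const meta = to.meta;
    const allowedRole = (meta.role || []) as string[];
    // An empty or missing meta.role means the route is open to every
    // authenticated role.
    const rolePass = allowedRole.length === 0 || allowedRole.includes(roleUser);
    //const permissionPass = !meta.permission || meta.permission.every(p => perms.includes(p))

    // NOTE(review): this relies on getMergedPages being a plain value that is
    // falsy when the user has no access. If it is a function or a ref/computed
    // object, `!mergedPages` is always false and only the role check gates
    // access — verify against useAccess. permisionPage is computed but not
    // enforced here (see the disabled condition on the next line).
    //if (!rolePass || !permisionPage) {
    if (!rolePass || !mergedPages) {
      console.log('[ ACCESS DENIED]', {
        path: to.path,
        roleUser,
        mergedPages,
      });
      return navigateTo('/auth/401'); // "no access" page
    }

    console.log('[ACCESS GRANTED]', {
      path: to.path,
      roleUser,
      mergedPages,
      permisionPage,
      allowedRole,
    });

    // Optional: user-type check, if needed.
    // // if (to.meta.auth && to.meta.auth !== sess?.user_payload?.typeUser) {
    // const metaRoles=to.meta?.roles;
    // console.log(metaRoles);
    // if (!to.meta || !metaRoles.includes(sess?.user_payload?.typeUser)) {
    //   return navigateTo('/auth/401');
    // }
  } catch (err) {
    // Fail closed: an error while checking the session or permissions sends
    // the user to the login page instead of letting the navigation through.
    console.error('Session check failed:', err);
    if (to.path !== '/auth/login') {
      return navigateTo({
        path: '/auth/login',
        query: {
          // NOTE(review): whatever reads returnUrl on the login page should
          // accept only same-origin relative paths before redirecting — confirm.
          returnUrl: to.fullPath,
          reason: 'session check failed',
        },
      });
    }
  }
});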