Fix redirect loop: tambah sessionStorage guard dan path check yang lebih ketat
@@ -63,15 +63,18 @@ Deploy ke web server (Apache/Nginx) dengan konfigurasi:
|
|||||||
### URL Rewrite (Opsional)
|
### URL Rewrite (Opsional)
|
||||||
|
|
||||||
**TIDAK PERLU URL rewrite** untuk aplikasi ini karena:
|
**TIDAK PERLU URL rewrite** untuk aplikasi ini karena:
|
||||||
|
|
||||||
- Semua file HTML bisa diakses langsung (`dashboard.html`, `event.html`, `settings.html`)
|
- Semua file HTML bisa diakses langsung (`dashboard.html`, `event.html`, `settings.html`)
|
||||||
- Tidak ada clean URLs atau SPA routing
|
- Tidak ada clean URLs atau SPA routing
|
||||||
- Struktur file sudah jelas dan mudah diakses
|
- Struktur file sudah jelas dan mudah diakses
|
||||||
|
|
||||||
**Jika ingin clean URLs** (misalnya `/dashboard` tanpa `.html`), bisa gunakan:
|
**Jika ingin clean URLs** (misalnya `/dashboard` tanpa `.html`), bisa gunakan:
|
||||||
|
|
||||||
- **Apache**: File `.htaccess` sudah disediakan (uncomment bagian clean URLs)
|
- **Apache**: File `.htaccess` sudah disediakan (uncomment bagian clean URLs)
|
||||||
- **Nginx**: Gunakan `nginx.conf.example` sebagai referensi
|
- **Nginx**: Gunakan `nginx.conf.example` sebagai referensi
|
||||||
|
|
||||||
File konfigurasi:
|
File konfigurasi:
|
||||||
|
|
||||||
- `.htaccess` - Apache URL rewrite (opsional, sudah include security headers & cache)
|
- `.htaccess` - Apache URL rewrite (opsional, sudah include security headers & cache)
|
||||||
- `nginx.conf.example` - Nginx configuration example
|
- `nginx.conf.example` - Nginx configuration example
|
||||||
|
|
||||||
|
|||||||
24
index.php
24
index.php
@@ -70,10 +70,26 @@
|
|||||||
|
|
||||||
// Jika sudah login, langsung arahkan ke dashboard utama (public/dashboard)
|
// Jika sudah login, langsung arahkan ke dashboard utama (public/dashboard)
|
||||||
// Cek dulu apakah kita sudah di dashboard untuk menghindari redirect loop
|
// Cek dulu apakah kita sudah di dashboard untuk menghindari redirect loop
|
||||||
const currentPath = window.location.pathname;
|
// Gunakan check yang lebih spesifik untuk mencegah loop
|
||||||
if (Auth.isAuthenticated() && !currentPath.includes('dashboard.html')) {
|
(function() {
|
||||||
window.location.href = 'public/dashboard/dashboard.html';
|
// Cek apakah ini benar-benar halaman index.php (bukan dashboard)
|
||||||
}
|
const currentPath = window.location.pathname;
|
||||||
|
const isIndexPage = currentPath.endsWith('index.php') || currentPath.endsWith('/') || currentPath === '/';
|
||||||
|
const isDashboardPage = currentPath.includes('dashboard.html') || currentPath.includes('event.html') || currentPath.includes('settings.html');
|
||||||
|
|
||||||
|
// Hanya redirect jika:
|
||||||
|
// 1. User sudah authenticated
|
||||||
|
// 2. Kita di index page (bukan dashboard)
|
||||||
|
// 3. Belum pernah redirect (cek sessionStorage)
|
||||||
|
if (Auth.isAuthenticated() && isIndexPage && !isDashboardPage) {
|
||||||
|
const redirectKey = 'auth_redirect_done';
|
||||||
|
if (!sessionStorage.getItem(redirectKey)) {
|
||||||
|
sessionStorage.setItem(redirectKey, '1');
|
||||||
|
window.location.href = 'public/dashboard/dashboard.html';
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
})();
|
||||||
|
|
||||||
document.getElementById('loginForm').addEventListener('submit', async (e) => {
|
document.getElementById('loginForm').addEventListener('submit', async (e) => {
|
||||||
e.preventDefault();
|
e.preventDefault();
|
||||||
|
|||||||
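Review bot: The path tests in the added IIFE overlap: `currentPath === '/'` is already covered by `currentPath.endsWith('/')`, and once `isIndexPage` requires the path to end in `index.php` or `/`, `!isDashboardPage` can only make a difference for a path such as `…/dashboard.html/`. Comparing the last path segment is tighter and also stops `endsWith('index.php')` from matching a name like `myindex.php`: `const page = currentPath.split('/').pop();` followed by `const isIndexPage = page === '' || page === 'index.php';`. The same applies to `isLoginPage` in the login-form hunk (`@@ -76,10 +76,18`), where `!currentPath.includes('dashboard')` would also reject the directory URL if that script is served from under `public/dashboard/`, as the redirect target here suggests. The `return;` after the assignment to `window.location.href` is the IIFE's last statement and can be dropped; the surrounding script block starts and ends outside the hunk.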
@@ -40,9 +40,11 @@ async function apiRequest(path, options = {}) {
|
|||||||
// Unauthorized → clear token & redirect to login
|
// Unauthorized → clear token & redirect to login
|
||||||
localStorage.removeItem('token');
|
localStorage.removeItem('token');
|
||||||
localStorage.removeItem('user');
|
localStorage.removeItem('user');
|
||||||
|
sessionStorage.removeItem('auth_redirect_done');
|
||||||
// Cek apakah sudah di login page untuk menghindari redirect loop
|
// Cek apakah sudah di login page untuk menghindari redirect loop
|
||||||
const currentPath = window.location.pathname;
|
const currentPath = window.location.pathname;
|
||||||
if (!currentPath.includes('index.php')) {
|
const isLoginPage = currentPath.includes('index.php');
|
||||||
|
if (!isLoginPage) {
|
||||||
window.location.href = '../index.php';
|
window.location.href = '../index.php';
|
||||||
}
|
}
|
||||||
throw new Error('Unauthorized');
|
throw new Error('Unauthorized');
|
||||||
|
|||||||
@@ -76,10 +76,18 @@ document.addEventListener('DOMContentLoaded', () => {
|
|||||||
const form = document.getElementById('login-form');
|
const form = document.getElementById('login-form');
|
||||||
if (form) {
|
if (form) {
|
||||||
// Cek apakah sudah authenticated dan belum di dashboard untuk menghindari redirect loop
|
// Cek apakah sudah authenticated dan belum di dashboard untuk menghindari redirect loop
|
||||||
|
// Hanya redirect jika benar-benar di login page (bukan dashboard)
|
||||||
const currentPath = window.location.pathname;
|
const currentPath = window.location.pathname;
|
||||||
if (Auth.isAuthenticated() && !currentPath.includes('dashboard')) {
|
const isLoginPage = currentPath.includes('index.php') || (currentPath.endsWith('/') && !currentPath.includes('dashboard'));
|
||||||
window.location.href = 'dashboard.html';
|
const isDashboardPage = currentPath.includes('dashboard.html') || currentPath.includes('event.html') || currentPath.includes('settings.html');
|
||||||
return;
|
|
||||||
|
if (Auth.isAuthenticated() && isLoginPage && !isDashboardPage) {
|
||||||
|
const redirectKey = 'auth_redirect_done';
|
||||||
|
if (!sessionStorage.getItem(redirectKey)) {
|
||||||
|
sessionStorage.setItem(redirectKey, '1');
|
||||||
|
window.location.href = 'dashboard.html';
|
||||||
|
return;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
form.addEventListener('submit', handleLoginSubmit);
|
form.addEventListener('submit', handleLoginSubmit);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -695,9 +695,19 @@ function initCharts() {
|
|||||||
document.addEventListener('DOMContentLoaded', async () => {
|
document.addEventListener('DOMContentLoaded', async () => {
|
||||||
// Require auth
|
// Require auth
|
||||||
if (!Auth.isAuthenticated()) {
|
if (!Auth.isAuthenticated()) {
|
||||||
window.location.href = '../index.php';
|
// Cek apakah sudah di login page untuk mencegah redirect loop
|
||||||
|
const currentPath = window.location.pathname;
|
||||||
|
const isLoginPage = currentPath.includes('index.php');
|
||||||
|
if (!isLoginPage) {
|
||||||
|
// Clear redirect flag jika logout
|
||||||
|
sessionStorage.removeItem('auth_redirect_done');
|
||||||
|
window.location.href = '../index.php';
|
||||||
|
}
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Clear redirect flag saat sudah di dashboard
|
||||||
|
sessionStorage.removeItem('auth_redirect_done');
|
||||||
|
|
||||||
// Set default date ke hari ini (jangan auto-detect ke tanggal lama)
|
// Set default date ke hari ini (jangan auto-detect ke tanggal lama)
|
||||||
const today = new Date().toISOString().split('T')[0];
|
const today = new Date().toISOString().split('T')[0];
|
||||||
|
|||||||
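Review bot: Removing `auth_redirect_done` in the unauthenticated branch, immediately before `window.location.href = '../index.php'`, re-arms the redirect in index.php, so if the two pages ever disagree about `Auth.isAuthenticated()` the loop this commit targets comes back: index.php finds no flag, sets it and redirects again. The removal further down, after the auth check has passed, already resets the guard for a normal session, so I would drop the `sessionStorage.removeItem('auth_redirect_done');` inside `if (!isLoginPage)`. `isLoginPage` is computed inside the dashboard's own `DOMContentLoaded` handler and is presumably always false there; if it can be true, the handler returns without redirecting, which deserves a comment such as `// client-side gate only; the API must still reject unauthenticated requests (see the Unauthorized branch in apiRequest)`. The handler continues past the end of the hunk.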