Fix redirect loop: tambah guard lebih ketat di semua file, hapus redirect di .htaccess public

2025-12-18 13:25:50 +07:00
parent da151681e1
commit 4cd16d4e11
5 changed files with 66 additions and 9 deletions
--- a/public/dashboard/event.html
+++ b/public/dashboard/event.html
@@ -236,7 +236,14 @@

      // Check auth
      if (!Auth.isAuthenticated()) {
-        window.location.href = '../index.php';
+        const currentPath = window.location.pathname.toLowerCase();
+        const isLoginPage = currentPath.includes('index.php') || 
+                            currentPath === '/' || 
+                            currentPath === '/index.php';
+        // Hanya redirect jika belum di login page
+        if (!isLoginPage) {
+          window.location.href = '../index.php';
+        }
      }

      // Logout handler
--- a/public/dashboard/js/api.js
+++ b/public/dashboard/js/api.js
@@ -41,9 +41,14 @@ async function apiRequest(path, options = {}) {
      localStorage.removeItem('token');
      localStorage.removeItem('user');
      // Cek apakah sudah di login page untuk menghindari redirect loop
-      const currentPath = window.location.pathname;
-      const isLoginPage = currentPath.includes('index.php') || currentPath === '/' || currentPath.endsWith('/');
-      if (!isLoginPage) {
+      const currentPath = window.location.pathname.toLowerCase();
+      const isLoginPage = currentPath.includes('index.php') || 
+                          currentPath === '/' || 
+                          currentPath === '/index.php' ||
+                          currentPath.endsWith('/') ||
+                          currentPath === '';
+      // Hanya redirect jika benar-benar di halaman dashboard, bukan di login page
+      if (!isLoginPage && currentPath.includes('dashboard')) {
        window.location.href = '../index.php';
      }
      throw new Error('Unauthorized');
--- a/public/dashboard/js/dashboard.js
+++ b/public/dashboard/js/dashboard.js
@@ -696,10 +696,16 @@ document.addEventListener('DOMContentLoaded', async () => {
  // Require auth
  if (!Auth.isAuthenticated()) {
    // Cek apakah sudah di login page untuk mencegah redirect loop
-    const currentPath = window.location.pathname;
-    const isLoginPage = currentPath.includes('index.php') || currentPath === '/' || currentPath.endsWith('/');
-    if (!isLoginPage) {
-      // Redirect ke login hanya jika belum di login page
+    const currentPath = window.location.pathname.toLowerCase();
+    const isLoginPage = currentPath.includes('index.php') || 
+                        currentPath === '/' || 
+                        currentPath === '/index.php' ||
+                        currentPath.endsWith('/') ||
+                        currentPath === '';
+    
+    // JANGAN redirect jika sudah di login page atau root
+    if (!isLoginPage && currentPath.includes('dashboard')) {
+      // Hanya redirect jika benar-benar di halaman dashboard
      window.location.href = '../index.php';
    }
    return;
--- a/public/dashboard/settings.html
+++ b/public/dashboard/settings.html
@@ -570,7 +570,14 @@

      // Check auth
      if (!Auth.isAuthenticated()) {
-        window.location.href = '../index.php';
+        const currentPath = window.location.pathname.toLowerCase();
+        const isLoginPage = currentPath.includes('index.php') || 
+                            currentPath === '/' || 
+                            currentPath === '/index.php';
+        // Hanya redirect jika belum di login page
+        if (!isLoginPage) {
+          window.location.href = '../index.php';
+        }
      }

      // Logout handler