init backend presensi

This commit is contained in:
mwpn
2026-03-05 14:37:36 +07:00
commit b4fda6b9c9
319 changed files with 27261 additions and 0 deletions

app/Filters/.gitkeep Normal file


@@ -0,0 +1,51 @@
<?php
namespace App\Filters;
use App\Modules\Auth\Entities\Role;
use App\Modules\Auth\Services\AuthService;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
/**
* Admin Only Filter
*
* Allows access only if user is logged in and has role ADMIN. Otherwise 401 or 403.
*/
class AdminOnlyFilter implements \CodeIgniter\Filters\FilterInterface
{
public function before(RequestInterface $request, $arguments = null)
{
$authService = new AuthService();
$user = $authService->currentUser();
if ($user === null) {
return service('response')
->setStatusCode(401)
->setJSON([
'success' => false,
'message' => 'Unauthorized',
'data' => null,
]);
}
$roles = $user['roles'] ?? [];
$codes = array_column($roles, 'role_code');
if (!in_array(Role::CODE_ADMIN, $codes, true)) {
return service('response')
->setStatusCode(403)
->setJSON([
'success' => false,
'message' => 'Forbidden: Admin only',
'data' => null,
]);
}
return null;
}
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
{
return $response;
}
}
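Review bot: The "is admin" check in `before()` — `$roles = $user['roles'] ?? []; $codes = array_column($roles, 'role_code'); in_array(Role::CODE_ADMIN, $codes, true)` — is repeated verbatim in DashboardAdminPageFilter in the next hunk, so the definition of an admin lives in two filters and will drift; a single helper such as `AuthService::hasRole(array $user, string $code): bool` (or a private method in a shared trait) would keep it in one place. `array_column` also assumes `roles` is a list of rows keyed by `role_code`; any other shape silently yields an empty list and a 403, which is fail-closed but worth stating on the docblock, e.g. `Expects $user['roles'] as a list of ['role_code' => string] rows.` All five files in this commit omit `declare(strict_types=1);`, which is easier to adopt now than after the filters are in use.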


@@ -0,0 +1,40 @@
<?php
namespace App\Filters;
use App\Modules\Auth\Entities\Role;
use App\Modules\Auth\Services\AuthService;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
/**
* Dashboard Admin Page Filter
*
* For HTML dashboard pages that require ADMIN role. Redirects to /login if not logged in,
* or to /dashboard with error flash if not admin.
*/
class DashboardAdminPageFilter implements \CodeIgniter\Filters\FilterInterface
{
public function before(RequestInterface $request, $arguments = null)
{
$authService = new AuthService();
$user = $authService->currentUser();
if ($user === null) {
return redirect()->to('/login')->with('redirect', uri_string());
}
$roles = $user['roles'] ?? [];
$codes = array_column($roles, 'role_code');
if (!in_array(Role::CODE_ADMIN, $codes, true)) {
return redirect()->to('/dashboard')->with('error', 'Akses hanya untuk Admin.');
}
return null;
}
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
{
return $response;
}
}
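Review bot: The flash value set by `redirect()->to('/login')->with('redirect', uri_string())` carries only the path, so the original query string is lost on the post-login bounce, and whatever reads that key on the login side must keep treating it as a relative path rather than a full URL so it cannot become an open-redirect sink; that consumer is outside this hunk, so I cannot confirm it validates. The same line appears in DashboardPageAuthFilter two hunks down. A docblock line such as `Flash key 'redirect' holds the requested path (no query string) for the login page to return to.` would make the contract explicit for both filters.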


@@ -0,0 +1,36 @@
<?php
namespace App\Filters;
use App\Modules\Auth\Services\AuthService;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
/**
* Dashboard Auth Filter
*
* Blocks access to dashboard if user is not logged in. Returns 401 JSON.
*/
class DashboardAuthFilter implements \CodeIgniter\Filters\FilterInterface
{
public function before(RequestInterface $request, $arguments = null)
{
$authService = new AuthService();
if ($authService->currentUser() === null) {
return service('response')
->setStatusCode(401)
->setJSON([
'success' => false,
'message' => 'Unauthorized',
'data' => null,
]);
}
return null;
}
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
{
return $response;
}
}
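Review bot: The 401 envelope built in `before()` (`service('response')->setStatusCode(401)->setJSON(['success' => false, 'message' => 'Unauthorized', 'data' => null])`) is byte-for-byte the one in AdminOnlyFilter's first branch, and every filter in this commit also constructs its own `new AuthService()` per request. A small shared helper, e.g. a trait method `private function unauthorized(): ResponseInterface` returning that response, would let the JSON shape change in one place, and resolving AuthService through a CodeIgniter service factory would avoid the per-filter construction. Whether AuthService is cheap to instantiate is not visible here, so the service-factory part is a suggestion rather than a defect.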


@@ -0,0 +1,30 @@
<?php
namespace App\Filters;
use App\Modules\Auth\Services\AuthService;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
/**
* Dashboard Page Auth Filter
*
* Redirects to /login if user is not logged in (for web dashboard UI).
*/
class DashboardPageAuthFilter implements \CodeIgniter\Filters\FilterInterface
{
public function before(RequestInterface $request, $arguments = null)
{
$authService = new AuthService();
if ($authService->currentUser() === null) {
return redirect()->to('/login')->with('redirect', uri_string());
}
return null;
}
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
{
return $response;
}
}


@@ -0,0 +1,47 @@
<?php
namespace App\Filters;
use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
/**
* MobileStudentFacePhotoFilter
*
* Melindungi endpoint foto wajah siswa:
* - Wajib ada header X-Student-Id
* - Nilai header harus sama dengan query student_id
*
* Catatan: ini lapisan keamanan tambahan di atas kontrol app mobile.
* Untuk produksi bisa dikembangkan ke token-based auth khusus mobile.
*/
class MobileStudentFacePhotoFilter implements FilterInterface
{
public function before(RequestInterface $request, $arguments = null)
{
// RequestInterface di runtime adalah IncomingRequest yang mendukung getGet(),
// namun untuk hint static gunakan service('request') sebagai sumber query.
$ciRequest = service('request');
$studentIdParam = (int) ($ciRequest->getGet('student_id') ?? 0);
$headerId = (int) ($request->getHeaderLine('X-Student-Id') ?: 0);
if ($studentIdParam < 1 || $headerId < 1 || $studentIdParam !== $headerId) {
$response = service('response');
return $response
->setStatusCode(403)
->setJSON([
'success' => false,
'message' => 'Forbidden: student_id tidak cocok dengan identitas mobile.',
]);
}
return null;
}
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
{
return $response;
}
}
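Review bot: The guard in `before()` compares two values the caller supplies — the `student_id` query parameter and the `X-Student-Id` header — so it establishes consistency between them, not identity: nothing ties the request to an authenticated user, which the docblock's own note ("lapisan keamanan tambahan") concedes. Until the endpoint is bound to a session or token identity, the docblock should say this plainly in English so a later reader does not take the filter for authorization, e.g. `NOTE: request-shape check only; this is not authentication or authorization for the face-photo endpoint.` The `(int)` casts also accept values such as `7abc` as `7`; `filter_var($value, FILTER_VALIDATE_INT)` on both inputs would reject malformed ids instead of truncating them. Resolving `service('request')` next to the injected `$request` is a style point: CodeIgniter's `IncomingRequest` exposes `getGet()`, so an `instanceof IncomingRequest` check on `$request` would avoid looking up a second request object.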