Merge pull request #10 from GesangPJ/test

API endpoint Protection using getToken JWT

Author: GesangPJ

src/app/api/dashboard-admin/route.js

@@ -2,16 +2,16 @@
 
 import { NextResponse } from 'next/server'
 
-import { getServerSession } from "next-auth/next"
-
-import { authOptions } from "../auth/[...nextauth]/route"
+import { getToken } from 'next-auth/jwt'
 
 import prisma from '@/app/lib/prisma'
 
 export async function GET(req) {
-  const session = await getServerSession(req, { req }, authOptions)
+  const token = await getToken({ req, secret: process.env.NEXTAUTH_SECRET })
+
+  console.log('Token:', token)
 
-  if (!session) {
+  if (!token) {
     console.log('Unauthorized Access : API Dashboard Admin')
 
     return NextResponse.json({ error: 'Unauthorized Access' }, { status: 401 })

src/app/api/dashboard-karyawan/route.js

@@ -2,16 +2,16 @@
 
 import { NextResponse } from 'next/server'
 
-import { getServerSession } from "next-auth/next"
-
-import { authOptions } from "../auth/[...nextauth]/route"
+import { getToken } from 'next-auth/jwt'
 
 import prisma from '@/app/lib/prisma'
 
 export async function GET(req) {
-  const session = await getServerSession(req, { req }, authOptions)
-  
-  if (!session) {
+  const token = await getToken({ req, secret: process.env.NEXTAUTH_SECRET })
+
+  console.log('Token:', token)
+
+  if (!token) {
     console.log('Unauthorized Access : API Dashboard Karyawan')
 
     return NextResponse.json({ error: 'Unauthorized Access' }, { status: 401 })

src/app/api/detail-kasbon/route.js

@@ -3,17 +3,17 @@
 
 import { NextResponse } from "next/server"
 
-import { getServerSession } from "next-auth/next"
-
-import { authOptions } from "../auth/[...nextauth]/route"
+import { getToken } from 'next-auth/jwt'
 
 import prisma from "@/app/lib/prisma"
 
 export async function GET(req) {
-  const session = await getServerSession(req, { req }, authOptions)
+  const token = await getToken({ req, secret: process.env.NEXTAUTH_SECRET })
+
+  console.log('Token:', token)
 
-  if (!session) {
-    console.log('Unauthorized Access : API Detail Kasbon')
+  if (!token) {
+    console.log('Unauthorized Access : API Ambil Detail Kasbon')
 
     return NextResponse.json({ error: 'Unauthorized Access' }, { status: 401 })
   }

src/app/api/kasbon-bayar/route.js

@@ -3,17 +3,17 @@
 
 import { NextResponse } from "next/server"
 
-import { getServerSession } from "next-auth/next"
-
-import { authOptions } from "../auth/[...nextauth]/route"
+import { getToken } from 'next-auth/jwt'
 
 import prisma from "@/app/lib/prisma"
 
 export async function GET(req) {
-  const session = await getServerSession(req, { req }, authOptions)
+  const token = await getToken({ req, secret: process.env.NEXTAUTH_SECRET })
+
+  console.log('Token:', token)
 
-  if (!session) {
-    console.log('Unauthorized Access : API Ambil Kasbon Bayar')
+  if (!token) {
+    console.log('Unauthorized Access : API Ambil Status Bayar')
 
     return NextResponse.json({ error: 'Unauthorized Access' }, { status: 401 })
   }

src/app/api/kasbon-request/route.js

@@ -3,17 +3,17 @@
 
 import { NextResponse } from "next/server"
 
-import { getServerSession } from "next-auth/next"
-
-import { authOptions } from "../auth/[...nextauth]/route"
+import { getToken } from 'next-auth/jwt'
 
 import prisma from "@/app/lib/prisma"
 
 export async function GET(req) {
-  const session = await getServerSession(req, { req }, authOptions)
+  const token = await getToken({ req, secret: process.env.NEXTAUTH_SECRET })
+
+  console.log('Token:', token)
 
-  if (!session) {
-    console.log('Unauthorized Access : API Ambil Kasbon Request')
+  if (!token) {
+    console.log('Unauthorized Access : API Ambil Status Request')
 
     return NextResponse.json({ error: 'Unauthorized Access' }, { status: 401 })
   }

src/app/api/laporan-kasbon/route.js

@@ -6,17 +6,17 @@ import { NextResponse } from "next/server"
 
 import dayjs from 'dayjs'
 
-import { getServerSession } from "next-auth/next"
-
-import { authOptions } from "../auth/[...nextauth]/route"
+import { getToken } from 'next-auth/jwt'
 
 import prisma from "@/app/lib/prisma"
 
 export async function GET(req){
-  const session = await getServerSession(req, { req }, authOptions)
+  const token = await getToken({ req, secret: process.env.NEXTAUTH_SECRET })
+
+  console.log('Token:', token)
 
-  if (!session) {
-    console.log('Unauthorized Access : API Ambil Laporan Bulanan')
+  if (!token) {
+    console.log('Unauthorized Access : API Ambil Laporan Bulanan Kasbon')
 
     return NextResponse.json({ error: 'Unauthorized Access' }, { status: 401 })
   }

src/app/api/registrasi/route.js

@@ -2,16 +2,16 @@ import { NextResponse } from 'next/server'
 
 import bcrypt from 'bcrypt'
 
-import { getServerSession } from "next-auth/next"
-
-import { authOptions } from "../auth/[...nextauth]/route"
+import { getToken } from 'next-auth/jwt'
 
 import prisma from '@/app/lib/prisma'
 
 export const POST = async (req) => {
-  const session = await getServerSession(req, { req }, authOptions)
+  const token = await getToken({ req, secret: process.env.NEXTAUTH_SECRET })
+
+  console.log('Token:', token)
 
-  if (!session) {
+  if (!token) {
     console.log('Unauthorized Access : API Registrasi Akun')
 
     return NextResponse.json({ error: 'Unauthorized Access' }, { status: 401 })

src/app/api/status-bayar/route.js

@@ -3,16 +3,16 @@
 
 import { NextResponse } from "next/server"
 
-import { getServerSession } from "next-auth/next"
-
-import { authOptions } from "../auth/[...nextauth]/route"
+import { getToken } from 'next-auth/jwt'
 
 import prisma from "@/app/lib/prisma"
 
 export const PUT = async (req) => {
-  const session = await getServerSession(req, { req }, authOptions)
+  const token = await getToken({ req, secret: process.env.NEXTAUTH_SECRET })
+
+  console.log('Token:', token)
 
-  if (!session) {
+  if (!token) {
     console.log('Unauthorized Access : API SET Status Bayar')
 
     return NextResponse.json({ error: 'Unauthorized Access' }, { status: 401 })

src/app/api/status-request/route.js

@@ -3,17 +3,17 @@
 
 import { NextResponse } from "next/server"
 
-import { getServerSession } from "next-auth/next"
-
-import { authOptions } from "../auth/[...nextauth]/route"
+import { getToken } from 'next-auth/jwt'
 
 import prisma from "@/app/lib/prisma"
 
 export const PUT = async (req) => {
-  const session = await getServerSession(req, { req }, authOptions)
+  const token = await getToken({ req, secret: process.env.NEXTAUTH_SECRET })
+
+  console.log('Token:', token)
 
-  if (!session) {
-    console.log('Unauthorized Access : API SET Status Request')
+  if (!token) {
+    console.log('Unauthorized Access : API Set Status Request')
 
     return NextResponse.json({ error: 'Unauthorized Access' }, { status: 401 })
   }

src/app/api/tabel-akun/route.js

@@ -1,17 +1,17 @@
 import { NextResponse } from 'next/server'
 
-import { getServerSession } from "next-auth/next"
-
-import { authOptions } from "../auth/[...nextauth]/route"
+import { getToken } from 'next-auth/jwt'
 
 import prisma from '@/app/lib/prisma'
 
 
 // GET /api/tabel-akun
 export async function GET(req) {
-  const session = await getServerSession(req, { req }, authOptions)
+  const token = await getToken({ req, secret: process.env.NEXTAUTH_SECRET })
+
+  console.log('Token:', token)
 
-  if (!session) {
+  if (!token) {
     console.log('Unauthorized Access : API Ambil Daftar Akun')
 
     return NextResponse.json({ error: 'Unauthorized Access' }, { status: 401 })

src/app/api/tambah-kasbon/route.js

@@ -2,16 +2,16 @@
 
 import { NextResponse } from 'next/server'
 
-import { getServerSession } from "next-auth/next"
-
-import { authOptions } from "../auth/[...nextauth]/route"
+import { getToken } from 'next-auth/jwt'
 
 import prisma from '@/app/lib/prisma'
 
 export const POST = async (req) => {
-  const session = await getServerSession(req, { req }, authOptions)
+  const token = await getToken({ req, secret: process.env.NEXTAUTH_SECRET })
+
+  console.log('Token:', token)
 
-  if (!session) {
+  if (!token) {
     console.log('Unauthorized Access : API Tambah Kasbon')
 
     return NextResponse.json({ error: 'Unauthorized Access' }, { status: 401 })