update

2026-04-25 17:11:06 +07:00 · 2026-04-25 06:28:05 +07:00 · 2026-04-25 06:20:28 +07:00 · 2026-04-25 05:58:21 +07:00 · 2026-04-25 05:31:18 +07:00
7 changed files with 175 additions and 134 deletions
--- a/app/Config/Constants.php
+++ b/app/Config/Constants.php
@@ -388,5 +388,5 @@ define("SSL_KEY", array(
 	"Payload_IV" => "Ae0Rf13j8e",
 	"route" => "pkAddGs9DB3VeEGL"
 ));
-define("JWT_KEY", "9QY3tGDFzS5aiI3Pz8Uf");
+define("JWT_KEY", "9QY3tGDFzS5aiI3Pz8UfABCDEF1234567890");
 // YG INI JANGAN DI HAPUS
--- a/app/Config/Routes.php
+++ b/app/Config/Routes.php
@@ -23,3 +23,6 @@ $routes->group('api', function($routes) {
    // Standard CRUD via DhivaRoutes (Keep for compatibility)
    DhivaRoutes::Route($routes, 'user', 'SuperUserController');
 });
+
+// Catch all OPTIONS requests for CORS preflight
+$routes->options('(:any)', function () {});
--- a/app/Controllers/BaseController.php
+++ b/app/Controllers/BaseController.php
@@ -157,6 +157,7 @@ abstract class BaseController extends Controller
        $bypassed = [
            '/api/auth' => 'POST',
            '/api/personel/profil' => 'GET', // Allow profile access for QR
+            '/api/personel/drh' => 'GET',    // Allow DRH access for QR
        ];
        
        $this->initHeader();
--- a/app/Controllers/PersonelController.php
+++ b/app/Controllers/PersonelController.php
@@ -112,7 +112,8 @@ class PersonelController extends BaseController
   */
  public function generateEncryptedLink()
  {
-        $nrp = $this->request->getPost('nrp');
+    $json = $this->request->getJSON();
+    $nrp = $json ? $json->nrp : $this->request->getPost('nrp');

    if (!$nrp) {
      $this->respond(['status' => 'error', 'message' => 'NRP wajib diisi'], 400);
@@ -125,7 +126,7 @@ class PersonelController extends BaseController
      'data' => [
        'nrp' => $nrp,
        'encrypted_nrp' => $encryptedNrp,
-                'url' => "http://localhost:4200/kta/profil/" . $encryptedNrp
+        'url' => "http://192.168.1.11:4200/kta/profil/" . $encryptedNrp
      ]
    ];

--- a/app/Controllers/SuperUserController.php
+++ b/app/Controllers/SuperUserController.php
@@ -19,12 +19,18 @@ class SuperUserController extends BaseController
     */
    public function auth()
    {
-        // Debug point
-        echo json_encode(["status" => "reached auth"]); die;
-
        $inputUsername = $this->post('username');
        $inputPassword = $this->post('password');

+        // Fallback for JSON payload (Angular)
+        if (empty($inputUsername) || empty($inputPassword)) {
+            $json = $this->request->getJSON();
+            if ($json) {
+                $inputUsername = $json->username ?? null;
+                $inputPassword = $json->password ?? null;
+            }
+        }
+
        if (empty($inputUsername) || empty($inputPassword)) {
            $this->respond([
                'success' => false,
--- a/app/Filters/Cors.php
+++ b/app/Filters/Cors.php
@@ -26,13 +26,13 @@ class Cors implements FilterInterface
     */
    public function before(RequestInterface $request, $arguments = null)
    {
-        // header("Access-Control-Allow-Origin: *");
-        // header("Access-Control-Allow-Headers: X-API-KEY, Origin,X-Requested-With, Content-Type, Accept, Access-Control-Requested-Method, Authorization, ClientSecret");
-        // header("Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE");
-        // $method = $_SERVER['REQUEST_METHOD'];
-        // if ($method == "OPTIONS") {
-        //     die();
-        // }
+        header("Access-Control-Allow-Origin: *");
+        header("Access-Control-Allow-Headers: X-API-KEY, Origin,X-Requested-With, Content-Type, Accept, Access-Control-Requested-Method, Authorization, ClientSecret");
+        header("Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE");
+        $method = $_SERVER['REQUEST_METHOD'];
+        if ($method == "OPTIONS") {
+            die();
+        }
    }

    /**
--- a/schema.sql
+++ b/schema.sql
@@ -17,10 +17,40 @@ CREATE TABLE IF NOT EXISTS kta_digital.personel (
    agama VARCHAR(50),
    suku VARCHAR(50),
    status_personel VARCHAR(50) DEFAULT 'AKTIF',
+    no_wa VARCHAR(20),
+    email VARCHAR(255),
+    otp_code VARCHAR(10),
+    otp_expired_at TIMESTAMP,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
 );

+-- Table: public.super_user (Auth)
+CREATE TABLE IF NOT EXISTS public.super_user (
+    super_user_id SERIAL PRIMARY KEY,
+    username VARCHAR(255) NOT NULL,
+    password VARCHAR(255) NOT NULL,
+    name VARCHAR(255),
+    email VARCHAR(255),
+    avatar TEXT,
+    satuan_id INTEGER,
+    jabatan VARCHAR(255),
+    nrp VARCHAR(20),
+    pangkat VARCHAR(100),
+    no_wa VARCHAR(20),
+    super_group_id INTEGER,
+    login_date TIMESTAMP,
+    access_at TIMESTAMP,
+    token TEXT,
+    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+);
+
+-- Seed demo admin user (username: dhivaadmin, password: dhivaadmin)
+INSERT INTO public.super_user (username, password, name, super_group_id)
+VALUES ('dhivaadmin', 'dhivaadmin', 'Admin KTA', 1)
+ON CONFLICT DO NOTHING;
+
 -- Table: kta_digital.pendidikan_kepolisian
 CREATE TABLE IF NOT EXISTS kta_digital.pendidikan_kepolisian (
    id SERIAL PRIMARY KEY,
@@ -87,11 +117,11 @@ CREATE TABLE IF NOT EXISTS kta_digital.penugasan_luar_struktur (
 );

 -- Seed Data: Personel
-INSERT INTO kta_digital.personel (nrp, nama, pangkat, jabatan, satuan, foto_url, tmt_jabatan, lama_jabatan, tempat_lahir, tanggal_lahir, agama, suku, status_personel)
+INSERT INTO kta_digital.personel (nrp, nama, pangkat, jabatan, satuan, foto_url, tmt_jabatan, lama_jabatan, tempat_lahir, tanggal_lahir, agama, suku, status_personel, no_wa, email)
 VALUES 
-('83121540', 'YOPPY ANGGI KRISNA', 'AKBP', 'KASUBBAGMINDOK BAGINFOPERS ROBINKAR SSDM POLRI', 'ROBINKAR SSDM POLRI', '/foto-yoppy.jpg', '2026-01-02', '0 Tahun 0 Bulan 5 Hari', 'KABUPATEN BANYUWANGI', '14 Maret 1982', 'ISLAM', 'JAWA', 'AKTIF'),
-('72060510', 'LANGGENG PURNOMO', 'BRIGJEN POL', 'KAROBINKAR SSDM POLRI', 'ROBINKAR SSDM POLRI', '/foto-langgeng.jpg', '2023-03-15', '2 Tahun 1 Bulan 9 Hari', 'SURABAYA', '10 Juni 1972', 'ISLAM', 'JAWA', 'AKTIF'),
-('77110844', 'SIGIT DANY SETIYONO', 'KOMBES POL', 'KABAGINFOPERS ROBINKAR SSDM POLRI', 'ROBINKAR SSDM POLRI', '/foto-sigit.jpg', '2022-04-01', '2 Tahun 9 Bulan 23 Hari', 'SEMARANG', '08 November 1977', 'ISLAM', 'JAWA', 'AKTIF')
+('83121540', 'YOPPY ANGGI KRISNA', 'AKBP', 'KASUBBAGMINDOK BAGINFOPERS ROBINKAR SSDM POLRI', 'ROBINKAR SSDM POLRI', '/foto-yoppy.jpg', '2026-01-02', '0 Tahun 0 Bulan 5 Hari', 'KABUPATEN BANYUWANGI', '14 Maret 1982', 'ISLAM', 'JAWA', 'AKTIF', '081234567890', 'yoppy@example.com'),
+('72060510', 'LANGGENG PURNOMO', 'BRIGJEN POL', 'KAROBINKAR SSDM POLRI', 'ROBINKAR SSDM POLRI', '/foto-langgeng.jpg', '2023-03-15', '2 Tahun 1 Bulan 9 Hari', 'SURABAYA', '10 Juni 1972', 'ISLAM', 'JAWA', 'AKTIF', '081234567891', 'langgeng@example.com'),
+('77110844', 'SIGIT DANY SETIYONO', 'KOMBES POL', 'KABAGINFOPERS ROBINKAR SSDM POLRI', 'ROBINKAR SSDM POLRI', '/foto-sigit.jpg', '2022-04-01', '2 Tahun 9 Bulan 23 Hari', 'SEMARANG', '08 November 1977', 'ISLAM', 'JAWA', 'AKTIF', '081234567892', 'sigit@example.com')
 ON CONFLICT (nrp) DO NOTHING;

 -- Seed Data: Pendidikan Kepolisian (Example for Yoppy)
Author	SHA1	Message	Date
Naden	27cc2cf763	update	2026-04-25 17:11:06 +07:00
Naden	47e9949cef	update	2026-04-25 06:28:05 +07:00
Naden	e908b7a1d6	update	2026-04-25 06:20:28 +07:00
Naden	211f72fa3b	update cors	2026-04-25 05:58:21 +07:00
Naden	0469f2d343	update	2026-04-25 05:31:18 +07:00