From 6588ee8c4625a0c6c36a3c5ca4738faaac0177fd Mon Sep 17 00:00:00 2001
From: ariefabbauftech-ai <arief.abbauftech@gmail.com>
Date: Mon, 1 Sep 2025 08:59:34 +0700
Subject: [PATCH] [Admin]

---
 .../Controllers/AdminAuthController.php.php   |  36 ++++++
 backend/app/Models/Admin.php                  |  21 ++++
 backend/config/auth.php                       |  75 +++++++-----
 ...5_08_29_091312_create_admins_table.php.php |  22 ++++
 .../resources/views/admin/dashboard.blade.php |  14 +++
 backend/resources/views/admin/login.blade.php | 114 ++++++++++++++++++
 backend/routes/web.php                        |  19 +--
 7 files changed, 258 insertions(+), 43 deletions(-)
 create mode 100644 backend/app/Http/Controllers/AdminAuthController.php.php
 create mode 100644 backend/app/Models/Admin.php
 create mode 100644 backend/database/migrations/2025_08_29_091312_create_admins_table.php.php
 create mode 100644 backend/resources/views/admin/dashboard.blade.php
 create mode 100644 backend/resources/views/admin/login.blade.php

diff --git a/backend/app/Http/Controllers/AdminAuthController.php.php b/backend/app/Http/Controllers/AdminAuthController.php.php
new file mode 100644
index 0000000..62fab46
--- /dev/null
+++ b/backend/app/Http/Controllers/AdminAuthController.php.php
@@ -0,0 +1,36 @@
+<?php
+
+namespace App\Http\Controllers\Adm;
+
+use App\Models\Admin;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Hash;
+
+class AdminAuthController extends Controller
+{
+    // Form Login
+    public function showLogin()
+    {
+        return view('admin.login');
+    }
+
+    // Proses Login
+    public function login(Request $request)
+    {
+        $credentials = $request->only('email', 'password');
+
+        if (Auth::guard('admin')->attempt($credentials)) {
+            return redirect()->route('admin.dashboard')->with('success', 'Login berhasil!');
+        }
+
+        return back()->with('error', 'Email atau password salah.');
+    }
+
+    // Logout
+    public function logout(Request $request)
+    {
+        Auth::guard('admin')->logout();
+        return redirect()->route('admin.login');
+    }
+}
diff --git a/backend/app/Models/Admin.php b/backend/app/Models/Admin.php
new file mode 100644
index 0000000..e8cd987
--- /dev/null
+++ b/backend/app/Models/Admin.php
@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Foundation\Auth\User as Authenticatable;
+use Illuminate\Notifications\Notifiable;
+
+class Admin extends Authenticatable
+{
+    use Notifiable;
+
+    protected $table = 'admins';
+
+    protected $fillable = [
+        'username', 'email', 'password',
+    ];
+
+    protected $hidden = [
+        'password', 'remember_token',
+    ];
+}
diff --git a/backend/config/auth.php b/backend/config/auth.php
index cae0028..734d8e1 100644
--- a/backend/config/auth.php
+++ b/backend/config/auth.php
@@ -24,22 +24,39 @@ return [
     |--------------------------------------------------------------------------
     |
     | Next, you may define every authentication guard for your application.
-    | Of course, a great default configuration has been defined for you
-    | here which uses session storage and the Eloquent user provider.
+    | A great default configuration has been defined for you here which
+    | uses session storage and the Eloquent user provider.
     |
-    | All authentication drivers have a user provider. This defines how the
-    | users are actually retrieved out of your database or other storage
-    | mechanisms used by this application to persist your user's data.
-    |
-    | Supported: "session"
+    | Supported drivers: "session", "token"
     |
     */
 
     'guards' => [
+        // Guard untuk user biasa
         'web' => [
             'driver' => 'session',
             'provider' => 'users',
         ],
+
+        // Guard untuk admin (login via web session)
+        'admin' => [
+            'driver' => 'session',
+            'provider' => 'admins',
+        ],
+
+        // Guard API untuk user (misalnya dengan sanctum / token)
+        'api' => [
+            'driver' => 'token',
+            'provider' => 'users',
+            'hash' => false,
+        ],
+
+        // Guard API untuk admin
+        'admin-api' => [
+            'driver' => 'token',
+            'provider' => 'admins',
+            'hash' => false,
+        ],
     ],
 
     /*
@@ -48,23 +65,26 @@ return [
     |--------------------------------------------------------------------------
     |
     | All authentication drivers have a user provider. This defines how the
-    | users are actually retrieved out of your database or other storage
-    | mechanisms used by this application to persist your user's data.
+    | users are retrieved from your database or other storage systems.
     |
-    | If you have multiple user tables or models you may configure multiple
-    | sources which represent each model / table. These sources may then
-    | be assigned to any extra authentication guards you have defined.
-    |
-    | Supported: "database", "eloquent"
+    | Supported drivers: "database", "eloquent"
     |
     */
 
     'providers' => [
+        // Provider untuk user biasa
         'users' => [
             'driver' => 'eloquent',
             'model' => App\Models\User::class,
         ],
 
+        // Provider untuk admin
+        'admins' => [
+            'driver' => 'eloquent',
+            'model' => App\Models\Admin::class,
+        ],
+
+        // Kalau mau pakai database langsung (tidak lewat model)
         // 'users' => [
         //     'driver' => 'database',
         //     'table' => 'users',
@@ -76,17 +96,9 @@ return [
     | Resetting Passwords
     |--------------------------------------------------------------------------
     |
-    | You may specify multiple password reset configurations if you have more
-    | than one user table or model in the application and you want to have
-    | separate password reset settings based on the specific user types.
-    |
-    | The expire time is the number of minutes that each reset token will be
-    | considered valid. This security feature keeps tokens short-lived so
-    | they have less time to be guessed. You may change this as needed.
-    |
-    | The throttle setting is the number of seconds a user must wait before
-    | generating more password reset tokens. This prevents the user from
-    | quickly generating a very large amount of password reset tokens.
+    | Anda dapat menentukan beberapa konfigurasi reset password jika ada
+    | lebih dari satu tabel atau model user dan ingin pengaturan reset
+    | yang berbeda berdasarkan tipe user tertentu.
     |
     */
 
@@ -97,6 +109,14 @@ return [
             'expire' => 60,
             'throttle' => 60,
         ],
+
+        // Kalau admin juga butuh reset password, bisa tambahkan ini
+        'admins' => [
+            'provider' => 'admins',
+            'table' => 'password_reset_tokens',
+            'expire' => 60,
+            'throttle' => 60,
+        ],
     ],
 
     /*
@@ -104,9 +124,8 @@ return [
     | Password Confirmation Timeout
     |--------------------------------------------------------------------------
     |
-    | Here you may define the amount of seconds before a password confirmation
-    | times out and the user is prompted to re-enter their password via the
-    | confirmation screen. By default, the timeout lasts for three hours.
+    | Jumlah detik sebelum konfirmasi password kadaluarsa.
+    | Default: 3 jam (10800 detik).
     |
     */
 
diff --git a/backend/database/migrations/2025_08_29_091312_create_admins_table.php.php b/backend/database/migrations/2025_08_29_091312_create_admins_table.php.php
new file mode 100644
index 0000000..b4e66a6
--- /dev/null
+++ b/backend/database/migrations/2025_08_29_091312_create_admins_table.php.php
@@ -0,0 +1,22 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration {
+    public function up(): void {
+        Schema::create('admins', function (Blueprint $table) {
+            $table->id();
+            $table->string('username')->unique();
+            $table->string('email')->unique();
+            $table->string('password');
+            $table->rememberToken();
+            $table->timestamps();
+        });
+    }
+
+    public function down(): void {
+        Schema::dropIfExists('admins');
+    }
+};
diff --git a/backend/resources/views/admin/dashboard.blade.php b/backend/resources/views/admin/dashboard.blade.php
new file mode 100644
index 0000000..400aab4
--- /dev/null
+++ b/backend/resources/views/admin/dashboard.blade.php
@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Admin Dashboard</title>
+</head>
+<body>
+    <h1>Halo, {{ Auth::guard('admin')->user()->username }}</h1>
+
+    <form method="POST" action="{{ route('admin.logout') }}">
+        @csrf
+        <button type="submit">Logout</button>
+    </form>
+</body>
+</html>
diff --git a/backend/resources/views/admin/login.blade.php b/backend/resources/views/admin/login.blade.php
new file mode 100644
index 0000000..ff86852
--- /dev/null
+++ b/backend/resources/views/admin/login.blade.php
@@ -0,0 +1,114 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Login Admin</title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+    <!-- Font Awesome (kalau tidak dipakai bisa dihapus) -->
+    <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css" rel="stylesheet">
+
+    <style>
+        body {
+            background-color: #ffffff;
+            height: 100vh;
+        }
+        .login-card {
+            width: 380px;
+            border-radius: 15px;
+            padding: 30px;
+            background: #ffffff;
+            box-shadow: 0 0 25px rgb(0, 123, 255);
+        }
+        .login-card img {
+            width: 150px;
+            display: block;
+            margin: 0 auto 20px;
+        }
+        .login-card h4 {
+            font-weight: 700;
+            text-align: center;
+            margin-bottom: 10px;
+        }
+        .login-card p {
+            text-align: center;
+            color: #6c757d;
+            margin-bottom: 20px;
+        }
+        .form-control {
+            border-radius: 10px;
+            padding: 10px 15px;
+        }
+        .btn-login {
+            background: #2ea8ff;
+            border: none;
+            border-radius: 10px;
+            padding: 10px;
+            font-size: 16px;
+            font-weight: 600;
+            color: #fff;
+            transition: 0.3s;
+        }
+        .btn-login:hover {
+            background: #0d6efd;
+        }
+        .remember-forgot {
+            font-size: 14px;
+        }
+        .remember-forgot a {
+            color: #0d6efd;
+            text-decoration: none;
+        }
+        .remember-forgot a:hover {
+            text-decoration: underline;
+        }
+        /* Samakan panjang label */
+        .login-card .form-label {
+            display: block;
+            width: 100%;
+            font-weight: 500;
+        }
+    </style>
+</head>
+<body class="d-flex justify-content-center align-items-center">
+
+    <div class="login-card">
+        <!-- Logo -->
+        <img src="{{ asset('images/abbauf.png') }}" alt="Logo">
+
+        <h4>WELCOME BACK</h4>
+        <p>Welcome back! Please enter your details.</p>
+
+        {{-- Notifikasi --}}
+        @if(session('error'))
+            <div class="alert alert-danger">{{ session('error') }}</div>
+        @endif
+        @if(session('success'))
+            <div class="alert alert-success">{{ session('success') }}</div>
+        @endif
+
+        <form method="POST" action="{{ route('admin.login.submit') }}">
+            @csrf
+            <div class="mb-3">
+                <label class="form-label w-100">Username</label>
+                <input type="text" name="email" class="form-control" placeholder="Enter your name" required>
+            </div>
+            <div class="mb-3">
+                <label class="form-label w-100">Password</label>
+                <input type="password" name="password" class="form-control" id="password" placeholder="********" required>
+            </div>
+
+            <div class="d-flex justify-content-between align-items-center mb-3 remember-forgot">
+                <div>
+                    <input type="checkbox" id="remember">
+                    <label for="remember">Remember me</label>
+                </div>
+                <a href="#">Forgot password</a>
+            </div>
+
+            <button type="submit" class="btn btn-login w-100">Login</button>
+        </form>
+    </div>
+
+</body>
+</html>
diff --git a/backend/routes/web.php b/backend/routes/web.php
index d259f33..df440d2 100644
--- a/backend/routes/web.php
+++ b/backend/routes/web.php
@@ -1,18 +1,7 @@
 <?php
 
-use Illuminate\Support\Facades\Route;
+use App\Http\Controllers\AdminAuthController;
 
-/*
-|--------------------------------------------------------------------------
-| Web Routes
-|--------------------------------------------------------------------------
-|
-| Here is where you can register web routes for your application. These
-| routes are loaded by the RouteServiceProvider and all of them will
-| be assigned to the "web" middleware group. Make something great!
-|
-*/
-
-Route::get('/', function () {
-    return view('welcome');
-});
+Route::get('admin/login', [AdminAuthController::class, 'showLogin'])->name('admin.login');
+Route::post('admin/login', [AdminAuthController::class, 'login'])->name('admin.login.post');
+Route::post('admin/logout', [AdminAuthController::class, 'logout'])->name('admin.logout');