Bagas_hpp123
/
sidakpelem
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
sidakpelem/README.md

218 lines
7.6 KiB
Markdown
Raw Blame History

<p align="center"><a href="https://laravel.com" target="_blank"><img src="https://raw.githubusercontent.com/laravel/art/master/logo-lockup/5%20SVG/2%20CMYK/1%20Full%20Color/laravel-logolockup-cmyk-red.svg" width="400" alt="Laravel Logo"></a></p>
<p align="center">
<a href="https://github.com/laravel/framework/actions"><img src="https://github.com/laravel/framework/workflows/tests/badge.svg" alt="Build Status"></a>
<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/dt/laravel/framework" alt="Total Downloads"></a>
<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/v/laravel/framework" alt="Latest Stable Version"></a>
<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/l/laravel/framework" alt="License"></a>
</p>
## About Laravel
Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experience to be truly fulfilling. Laravel takes the pain out of development by easing common tasks used in many web projects, such as:
- [Simple, fast routing engine](https://laravel.com/docs/routing).
- [Powerful dependency injection container](https://laravel.com/docs/container).
- Multiple back-ends for [session](https://laravel.com/docs/session) and [cache](https://laravel.com/docs/cache) storage.
- Expressive, intuitive [database ORM](https://laravel.com/docs/eloquent).
- Database agnostic [schema migrations](https://laravel.com/docs/migrations).
- [Robust background job processing](https://laravel.com/docs/queues).
- [Real-time event broadcasting](https://laravel.com/docs/broadcasting).
Laravel is accessible, powerful, and provides tools required for large, robust applications.
## Learning Laravel
Laravel has the most extensive and thorough [documentation](https://laravel.com/docs) and video tutorial library of all modern web application frameworks, making it a breeze to get started with the framework.
You may also try the [Laravel Bootcamp](https://bootcamp.laravel.com), where you will be guided through building a modern Laravel application from scratch.
If you don't feel like reading, [Laracasts](https://laracasts.com) can help. Laracasts contains thousands of video tutorials on a range of topics including Laravel, modern PHP, unit testing, and JavaScript. Boost your skills by digging into our comprehensive video library.
## Laravel Sponsors
We would like to extend our thanks to the following sponsors for funding Laravel development. If you are interested in becoming a sponsor, please visit the [Laravel Partners program](https://partners.laravel.com).
### Premium Partners
- **[Vehikl](https://vehikl.com)**
- **[Tighten Co.](https://tighten.co)**
- **[Kirschbaum Development Group](https://kirschbaumdevelopment.com)**
- **[64 Robots](https://64robots.com)**
- **[Curotec](https://www.curotec.com/services/technologies/laravel)**
- **[DevSquad](https://devsquad.com/hire-laravel-developers)**
- **[Redberry](https://redberry.international/laravel-development)**
- **[Active Logic](https://activelogic.com)**
## Contributing
Thank you for considering contributing to the Laravel framework! The contribution guide can be found in the [Laravel documentation](https://laravel.com/docs/contributions).
## Code of Conduct
In order to ensure that the Laravel community is welcoming to all, please review and abide by the [Code of Conduct](https://laravel.com/docs/contributions#code-of-conduct).
## Security Vulnerabilities
If you discover a security vulnerability within Laravel, please send an e-mail to Taylor Otwell via [taylor@laravel.com](mailto:taylor@laravel.com). All security vulnerabilities will be promptly addressed.
## License
The Laravel framework is open-sourced software licensed under the [MIT license](https://opensource.org/licenses/MIT).
# Sidak Desa QR Code System
Sistem absensi menggunakan QR Code dengan token dinamis yang berubah secara otomatis.
## Fitur
- QR Code dengan token yang berubah setiap 60 detik
- Real-time update menggunakan Pusher
- Anti-replay protection dengan nonce
- Auto-refresh ketika token expired
- Force rotation ketika ada scan yang berhasil
## Konfigurasi
### 1. Environment Variables
Tambahkan konfigurasi berikut di file `.env`:
```env
# Broadcasting (Pusher)
BROADCAST_DRIVER=pusher
PUSHER_APP_KEY=your_pusher_key
PUSHER_APP_SECRET=your_pusher_secret
PUSHER_APP_ID=your_pusher_app_id
PUSHER_APP_CLUSTER=ap1
# Cache (Redis recommended)
CACHE_DRIVER=redis
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379
```
### 2. Pusher Setup
1. Daftar di [Pusher](https://pusher.com/)
2. Buat aplikasi baru
3. Copy credentials ke file `.env`
4. Pastikan channel `attendance.session.{sessionId}` diizinkan
## API Endpoints
### QR Code Generation
```
GET /api/attendance/sessions/{sessionId}/qrcode
```
### QR Code Verification
```
POST /api/attendance/verify
Content-Type: application/json
{
"token": "A1B2C3D4",
"user_id": 123,
"device_info": "iPhone 12"
}
```
### Force Rotate Token
```
POST /api/attendance/sessions/{sessionId}/rotate
```
## Halaman QR Code
```
GET /attendance/sessions/{sessionId}
```
## Cara Kerja
1. **Token Generation**: Server generate token baru setiap 60 detik
2. **Auto Refresh**: Frontend refresh token 2 detik sebelum expired
3. **Broadcast**: Server broadcast token baru ke semua client via Pusher
4. **Verification**: Ketika user scan, token divalidasi dan langsung generate token baru
5. **Anti-Replay**: Setiap token hanya bisa digunakan sekali dengan nonce
## Troubleshooting
### QR Code tidak berubah
1. Cek konfigurasi Pusher di `.env`
2. Cek console browser untuk error
3. Cek log Laravel untuk broadcast error
4. Pastikan `BROADCAST_DRIVER=pusher`
### Token tidak ter-generate
1. Cek cache driver (Redis/File)
2. Cek log Laravel
3. Test endpoint `/api/attendance/sessions/{sessionId}/qrcode`
### Broadcast tidak berfungsi
1. Cek koneksi internet
2. Cek Pusher dashboard untuk error
3. Cek browser console untuk WebSocket error
4. Pastikan channel name benar: `attendance.session.{sessionId}`
### Postman Test Gagal (409 Conflict - Replayed)
**Masalah**: Token yang digunakan sudah expired atau sudah pernah digunakan sebelumnya.
**Solusi**:
1. **Gunakan token terbaru**:
- Buka halaman test: `http://localhost:8000/test-qr`
- Klik "Get Latest Token" untuk mendapatkan token baru
- Copy token yang muncul di halaman test
- Gunakan token tersebut di Postman
2. **Test dengan endpoint khusus**:
```bash
# Dapatkan token terbaru
GET http://localhost:8000/api/attendance/sessions/1/latest-token
# Gunakan token yang didapat untuk verify
POST http://localhost:8000/api/attendance/verify
{
"token": "TOKEN_DARI_LATEST_TOKEN",
"user_id": 123,
"device_info": "Postman Test"
}
```
3. **Force rotate token**:
```bash
POST http://localhost:8000/api/attendance/sessions/1/rotate
```
**Catatan**:
- Token QR berubah setiap 60 detik
- Setiap token hanya bisa digunakan sekali (anti-replay protection)
- QR Code akan otomatis generate ulang setelah verifikasi (berhasil atau gagal)
- Gunakan halaman test untuk monitoring token terbaru
## Testing
### Manual Test QR Rotation
```bash
curl -X POST http://localhost:8000/api/attendance/sessions/1/rotate
```
### Test Verification
```bash
curl -X POST http://localhost:8000/api/attendance/verify \
-H "Content-Type: application/json" \
-d '{"token":"A1B2C3D4","user_id":123,"device_info":"test"}'
```
## Logs
Sistem akan mencatat log untuk:
- QR Token generation
- QR Token verification
- Broadcast events
- Error handling
Cek log di `storage/logs/laravel.log`
Reference in New Issue View Git Blame Copy Permalink