middleware('guest')->except('logout'); }

    /**
     * Render the login form.
     *
     * @return mixed Whatever view('auth.login') resolves to.
     */
    public function showLoginForm()
    {
        return view('auth.login');
    }

    /**
     * Handle a login submission.
     *
     * Flow: validate the posted fields, try to authenticate, refuse accounts
     * whose is_verified flag is falsy, then rotate the session ID and redirect
     * by role.
     *
     * NOTE(review): nothing in this method limits repeated attempts; confirm
     * that throttling is applied elsewhere (route middleware or similar).
     *
     * @param Request $request Incoming login request.
     *
     * @return mixed Redirect response for the matching outcome.
     *
     * @throws ValidationException When the username/password pair is rejected.
     */
    public function login(Request $request)
    {
        // Only the two validated fields are ever handed to the auth guard.
        $validated = $request->validate([
            'username' => ['required', 'string'],
            'password' => ['required', 'string'],
        ]);

        // One generic message covers both "unknown username" and "wrong
        // password", so the response does not reveal which one was wrong.
        if (!Auth::attempt($validated)) {
            throw ValidationException::withMessages([
                'username' => ['Username atau password salah.'],
            ]);
        }

        $account = Auth::user();

        // Credentials were correct but the account is not verified: drop the
        // authenticated state that attempt() just established and send the
        // user back to the login page. This branch is reachable only with a
        // correct password, so the verification status is not disclosed to
        // someone who lacks the credentials.
        // NOTE(review): unlike logout(), the session is not invalidated
        // here; confirm that is intended.
        if (!$account->is_verified) {
            Auth::logout();

            $notice = 'Email Anda belum diverifikasi. Silakan cek email Anda untuk link verifikasi. Jika Anda belum menerima email verifikasi, silakan klik link di bawah untuk mengirim ulang.';

            return redirect()
                ->route('login')
                ->with('error', $notice)
                ->with('show_resend', true);
        }

        // Rotate the session ID once the login is accepted (session-fixation
        // defence).
        $request->session()->regenerate();

        // Admins always land on the admin dashboard; everyone else goes to
        // the originally intended URL, falling back to the normal dashboard.
        return $account->role === 'admin'
            ? redirect()->route('admin.dashboard')
            : redirect()->intended(route('dashboard'));
    }

    /**
     * Log the current user out and return to the login page.
     *
     * @param Request $request Request carrying the session to tear down.
     *
     * @return mixed Redirect to the login route.
     */
    public function logout(Request $request)
    {
        Auth::logout();

        // Discard the old session, then issue a new CSRF token so that
        // neither the previous session nor its token can be reused.
        $session = $request->session();
        $session->invalidate();
        $session->regenerateToken();

        return redirect()->route('login');
    }
}