revisi 13

.env.example

@@ -5,7 +5,7 @@ SUPABASE_KEY=
 SUPABASE_STORAGE_BUCKET=
 
 # Email redirect URL for Supabase auth (registration & password reset)
-SUPABASE_EMAIL_REDIRECT=https://yozora721-pnp-chatbot-v1.hf.space
+SUPABASE_EMAIL_REDIRECT=https://yozora721-pnp-chatbot-v1.hf.space/reset_password
 NEXT_PUBLIC_SITE_URL=https://yozora721-pnp-chatbot-v1.hf.space
 
 HUGGINGFACEHUB_API_TOKEN=

app/auth.py

@@ -31,62 +31,6 @@ def auth_view():
             unsafe_allow_html=True
         )
 
-        # --- Password recovery handler (Supabase redirect) ---
-        # 1) Move hash params to query params on first load, then reload once
-        st.markdown(
-            """
-            <script>
-            (function(){
-              // Check if we have hash parameters and haven't migrated yet
-              const hash = window.location.hash;
-              if (hash && hash.length > 1 && !sessionStorage.getItem('hash_migrated')) {
-                // Remove the # and parse as URLSearchParams
-                const hashParams = new URLSearchParams(hash.substring(1));
-                const queryParams = new URLSearchParams(window.location.search);
-                
-                // Copy all hash params to query params
-                let hasParams = false;
-                for (const [key, value] of hashParams.entries()) {
-                  queryParams.set(key, value);
-                  hasParams = true;
-                }
-                
-                if (hasParams) {
-                  // Build new URL with query params
-                  const newUrl = window.location.pathname + '?' + queryParams.toString();
-                  
-                  // Mark as migrated to prevent infinite loops
-                  sessionStorage.setItem('hash_migrated', 'true');
-                  
-                  // Replace current URL and clear hash
-                  window.history.replaceState(null, '', newUrl);
-                  window.location.hash = '';
-                  
-                  // Reload to let Streamlit process the new query params
-                  window.location.reload();
-                }
-              }
-            })();
-            </script>
-            """,
-            unsafe_allow_html=True,
-        )
-
-        # 2) Read query params for recovery flow
-        try:
-            qp = st.query_params  # Streamlit >= 1.30
-            get_q = lambda k: qp.get(k, None)
-        except Exception:
-            qp = st.experimental_get_query_params()
-            get_q = lambda k: (qp.get(k, [None])[0] if isinstance(qp.get(k, None), list) else qp.get(k, None))
-
-        q_type = get_q("type")
-        if q_type == "recovery":
-            # Redirect to dedicated reset password page
-            from app.reset_password import reset_password_view, handle_hash_to_query_migration
-            handle_hash_to_query_migration()
-            reset_password_view()
-            return
 
         # Auth tabs inside wrapper
         tab_login, tab_register, tab_forgot = st.tabs(["Login", "Register", "Forgot Password"])
@@ -140,7 +84,7 @@ def auth_view():
                         redirect_url = os.getenv(
                             "SUPABASE_EMAIL_REDIRECT",
                             os.getenv("NEXT_PUBLIC_SITE_URL", "https://yozora721-pnp-chatbot-v1.hf.space"),
-                        )
+                        ) + "/reset_password"
                         supabase.auth.sign_up({
                             "email": r_email,
                             "password": r_password,
@@ -161,7 +105,7 @@ def auth_view():
                     redirect_url = os.getenv(
                         "SUPABASE_EMAIL_REDIRECT",
                         os.getenv("NEXT_PUBLIC_SITE_URL", "https://yozora721-pnp-chatbot-v1.hf.space"),
-                    )
+                    ) + "/reset_password"
                     supabase.auth.reset_password_for_email(f_email, {"redirect_to": redirect_url})
                     st.success("Email reset password telah dikirim. Periksa kotak masuk Anda.")
                 except Exception as e:

{app → pages}/reset_password.py

@@ -4,8 +4,13 @@ import streamlit as st
 from app.db import supabase
 
 
-def reset_password_view():
-    """Dedicated reset password page for Supabase password recovery."""
+def main():
+    """Dedicated reset password page."""
+    
+    st.set_page_config(
+        page_title="Reset Password - PNP Bot", 
+        page_icon="assets/favicon.ico",    
+    )
     
     # Center the content
     left, center, right = st.columns([1, 2, 1])
@@ -48,15 +53,7 @@ def reset_password_view():
             st.info("Silakan kembali ke halaman login dan minta link reset password yang baru.")
             
             if st.button("← Kembali ke Login", type="primary"):
-                # Clear query params and redirect to main page
-                st.markdown(
-                    """
-                    <script>
-                    window.location.href = window.location.origin + window.location.pathname;
-                    </script>
-                    """,
-                    unsafe_allow_html=True
-                )
+                st.switch_page("app.py")
             return
         
         # Reset password form
@@ -83,15 +80,7 @@ def reset_password_view():
                 cancel_reset = st.form_submit_button("❌ Batal", use_container_width=True)
         
         if cancel_reset:
-            # Redirect to main page
-            st.markdown(
-                """
-                <script>
-                window.location.href = window.location.origin + window.location.pathname;
-                </script>
-                """,
-                unsafe_allow_html=True
-            )
+            st.switch_page("app.py")
         
         if submit_reset:
             # Validation
@@ -120,20 +109,11 @@ def reset_password_view():
                         st.success("✅ Password berhasil diubah!")
                         st.info("Silakan login dengan password baru Anda.")
                         
-                        # Clear tokens and redirect after success
-                        st.markdown(
-                            """
-                            <script>
-                            setTimeout(function() {
-                                window.location.href = window.location.origin + window.location.pathname;
-                            }, 3000);
-                            </script>
-                            """,
-                            unsafe_allow_html=True
-                        )
+                        # Show countdown and redirect button
+                        st.markdown("*Klik tombol di bawah untuk kembali ke halaman login.*")
                         
-                        # Show countdown
-                        st.markdown("*Akan dialihkan ke halaman login dalam 3 detik...*")
+                        if st.button("🏠 Kembali ke Login", type="primary"):
+                            st.switch_page("app.py")
                     else:
                         st.error("❌ Gagal mengubah password. Silakan coba lagi.")
                         
@@ -142,43 +122,5 @@ def reset_password_view():
                 st.info("Link mungkin sudah kedaluwarsa. Silakan minta link reset password yang baru.")
 
 
-def handle_hash_to_query_migration():
-    """Handle migration of hash parameters to query parameters for password recovery."""
-    st.markdown(
-        """
-        <script>
-        (function(){
-          // Check if we have hash parameters and haven't migrated yet
-          const hash = window.location.hash;
-          if (hash && hash.length > 1 && !sessionStorage.getItem('hash_migrated_reset')) {
-            // Remove the # and parse as URLSearchParams
-            const hashParams = new URLSearchParams(hash.substring(1));
-            const queryParams = new URLSearchParams(window.location.search);
-            
-            // Copy all hash params to query params
-            let hasParams = false;
-            for (const [key, value] of hashParams.entries()) {
-              queryParams.set(key, value);
-              hasParams = true;
-            }
-            
-            if (hasParams) {
-              // Build new URL with query params
-              const newUrl = window.location.pathname + '?' + queryParams.toString();
-              
-              // Mark as migrated to prevent infinite loops
-              sessionStorage.setItem('hash_migrated_reset', 'true');
-              
-              // Replace current URL and clear hash
-              window.history.replaceState(null, '', newUrl);
-              window.location.hash = '';
-              
-              // Reload to let Streamlit process the new query params
-              window.location.reload();
-            }
-          }
-        })();
-        </script>
-        """,
-        unsafe_allow_html=True,
-    )
+if __name__ == "__main__":
+    main()