app/Http/Middleware/ForcePasswordChange.php

<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Symfony\Component\HttpFoundation\Response;

class ForcePasswordChange
{
    public function handle(Request $request, Closure $next): Response
    {
        // Cek jika user login DAN wajib ganti password
        if (Auth::check() && Auth::user()->must_change_password) {
            
            // Pengecualian agar tidak terjebak dalam loop: 
            // Izinkan akses ke rute ganti password dan rute logout
            $allowedRoutes = ['password.force-change', 'password.force-update', 'logout'];
            
            if (!in_array($request->route()->getName(), $allowedRoutes)) {
                return redirect()->route('password.force-change');
            }
        }

        return $next($request);
    }
}
Initial commit - lms-v2 + CLAUDE.md 2026-05-30 22:15:16 +07:00			`<?php`

			`namespace App\Http\Middleware;`

			`use Closure;`
			`use Illuminate\Http\Request;`
			`use Illuminate\Support\Facades\Auth;`
			`use Symfony\Component\HttpFoundation\Response;`

			`class ForcePasswordChange`
			`{`
			`public function handle(Request $request, Closure $next): Response`
			`{`
			`// Cek jika user login DAN wajib ganti password`
			`if (Auth::check() && Auth::user()->must_change_password) {`

			`// Pengecualian agar tidak terjebak dalam loop:`
			`// Izinkan akses ke rute ganti password dan rute logout`
			`$allowedRoutes = ['password.force-change', 'password.force-update', 'logout'];`

			`if (!in_array($request->route()->getName(), $allowedRoutes)) {`
			`return redirect()->route('password.force-change');`
			`}`
			`}`

			`return $next($request);`
			`}`
			`}`