Update: 2026-06-26 02:00:23

2026-06-26 02:00:23 +03:00
parent bd3ba7ecd7
commit 21f5105fa1
20 changed files with 175 additions and 114 deletions
--- a/backend/serviceapp/login.php
+++ b/backend/serviceapp/login.php
@@ -20,10 +20,14 @@ try {
    
    // البحث بالبصمة للموظف
    $fpHash = hash('sha256', $fingerprint);
+    $foundByFingerprint = false;
    $sql = "SELECT * FROM `users` WHERE `fingerprint_hash` = :fp AND `user_type` = 'service' LIMIT 1";
    $stmt = $con->prepare($sql);
    $stmt->execute([':fp' => $fpHash]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);
+    if ($user) {
+        $foundByFingerprint = true;
+    }

    // إذا لم يتم العثور بالبصمة، وتم تمرير الإيميل (تسجيل دخول لأول مرة أو من جهاز جديد)
    if (!$user && !empty($email)) {
@@ -109,7 +113,9 @@ try {
                "message" => "Login successful",
                "data" => $user,
                "jwt" => $jwt,
-                "expires_in" => $expires_in
+                "expires_in" => $expires_in,
+                "hmac" => hash_hmac('sha256', (string)$user['id'], getenv('SECRET_KEY_HMAC') ?: ''),
+                "otp_required" => !$foundByFingerprint
            ]);