Update: 2026-06-25 00:50:19

siro_rider/lib/controller/auth/login_controller.dart

@@ -81,9 +81,9 @@ class LoginController extends GetxController {
   //   • firstTimeLoadKey != false  ← أول مرة يفتح التطبيق → loginFirstTime
   //   • firstTimeLoadKey == false  ← مستخدم موجود         → loginJwtRider
   // ─────────────────────────────────────────────────────────────
-  Future<void> getJWT() async {
+  Future<void> getJWT({bool force = false}) async {
     // إذا كان التوكن الحالي لا يزال صالحاً، لا داعي لطلب واحد جديد
-    if (isTokenValid()) {
+    if (!force && isTokenValid()) {
       Log.print("JWT is still valid. Skipping request.");
       return;
     }
@@ -198,6 +198,11 @@ class LoginController extends GetxController {
       final String decodedPayload = utf8.decode(base64Url.decode(payloadPart));
       final Map<String, dynamic> payload = jsonDecode(decodedPayload);
 
+      if (payload['token_type'] == 'registration') {
+        Log.print("isTokenValid: Token is a registration token, treating as invalid for session.");
+        return false;
+      }
+
       if (!payload.containsKey('exp')) {
         Log.print("isTokenValid: No 'exp' claim in token.");
         return false;
@@ -278,11 +283,20 @@ class LoginController extends GetxController {
         payload: {
           'platform': Platform.isAndroid ? 'android' : 'ios',
           'appName': AppInformation.appName,
+          'passengerID': passengerID,
         },
       );
 
+      if (res == 'token_expired' || res == 'failure' || res == 'error') {
+        Log.print('loginUsingCredentials: $res. Redirecting to PhoneNumberScreen to re-verify.');
+        box.erase();
+        storage.deleteAll();
+        Get.offAll(() => PhoneNumberScreen());
+        return;
+      }
+      
       // 2) فك JSON مرة واحدة والتحقق من النجاح
-      final decoded = jsonDecode(res);
+      final decoded = res is String ? jsonDecode(res) : res;
       if (decoded is! Map || decoded.isEmpty) return;
 
       if (decoded['status'] == 'failure' || decoded['status'] == 'Failure') {
@@ -333,7 +347,7 @@ class LoginController extends GetxController {
       }
 
       // إذا لم يكن موجوداً (توافقية قديمة)، نقوم بطلبه
-      String? tokenResp;
+      dynamic tokenResp;
       if (serverFCM == null) {
         tokenResp = await CRUD().get(
             link: AppLink.getTokens, payload: {'passengerID': passengerID});
@@ -342,14 +356,16 @@ class LoginController extends GetxController {
       final localFP = (await DeviceHelper.getDeviceFingerprint()).toString();
       await storage.write(key: BoxName.fingerPrint, value: localFP);
       await box.write(BoxName.firstTimeLoadKey, 'false');
+      await getJWT(force: true); // Fetch access token after clearing firstTimeLoadKey
 
       // ── 5. المقارنة: FCM token + fingerprint ──────────────────────
       if (email != '962798583052@intaleqapp.com') {
         if (serverFCM == null &&
             tokenResp != null &&
             tokenResp != 'failure' &&
-            tokenResp != 'error') {
-          final tokenJson = jsonDecode(tokenResp);
+            tokenResp != 'error' &&
+            tokenResp != 'token_expired') {
+          final tokenJson = tokenResp is String ? jsonDecode(tokenResp) : tokenResp;
           final serverData = tokenJson['data'] ?? tokenJson['message'];
           if (serverData is Map) {
             serverFCM = serverData['token']?.toString() ?? '';