diff --git a/core/Auth/JwtService.php b/core/Auth/JwtService.php
index 91436b8..11e980b 100644
--- a/core/Auth/JwtService.php
+++ b/core/Auth/JwtService.php
@@ -267,6 +267,8 @@ class JwtService
 error_log("[SECURITY] HMAC mismatch | user: $userId | IP: " . ($_SERVER['REMOTE_ADDR'] ?? '?'));
 self::abort(403, 'Invalid HMAC signature');
 }
+
+
 }
 return $decoded;
diff --git a/serviceapp/login.php b/serviceapp/login.php
index b45798b..4904385 100755
--- a/serviceapp/login.php
+++ b/serviceapp/login.php
@@ -78,13 +78,18 @@ try {
 $expires_in = $ttl;
 }
+ // توليد مفتاح HMAC فريد للمستخدم (للتوافق مع CRUD الجديد)
+ $hmacKey = hash_hmac('sha256', (string)$user['id'], getenv('SECRET_KEY_HMAC'));
+
 printSuccess([
 "message" => "Login successful",
 "data" => $user,
 "jwt" => $jwt,
+ "hmac" => $hmacKey,
 "expires_in" => $expires_in
 ]);
+
 } else {
 jsonError("Incorrect password");
 }
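Review bot: In the serviceapp/login.php hunk, `getenv('SECRET_KEY_HMAC')` returns `false` when the variable is unset, and `hash_hmac()` then runs with an empty key (or raises a TypeError if the file declares strict_types, which is not visible here), so the `hmac` value returned to the client would be computable from the user id alone. Fail closed before deriving it: `$secret = getenv('SECRET_KEY_HMAC');`, `if ($secret === false || $secret === '') { throw new RuntimeException('SECRET_KEY_HMAC is not configured'); }`, then pass `$secret` to `hash_hmac()`. The derived key also depends only on `$user['id']`, so it is identical at every login and is not invalidated by logout or a password change; if the HMAC check in JwtService is meant to add protection beyond the JWT, mixing in a per-session value would limit what a leaked login response gives away. The enclosing `try` block starts and ends outside the hunk, so how a thrown exception is reported to the client should be confirmed against its `catch`.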