admin 13

Admin/auth/loginWallet.php

@@ -14,6 +14,8 @@ use Firebase\JWT\JWT;
 $jwtService = new JwtService($redis ?? null);
 $admin = $jwtService->authenticate(); 
 
+error_log("[Wallet_SSO] Authenticated Admin ID: " . ($admin->user_id ?? 'N/A') . " | Role: " . ($admin->role ?? 'N/A'));
+
 if ($admin->role !== 'admin' && $admin->role !== 'super_admin') {
     jsonError("Unauthorized. Admin access required.");
     exit;
@@ -47,7 +49,7 @@ try {
         'iss'     => $issuer,
         'aud'     => $audience,
         'user_id' => $admin->user_id,
-        'role'    => $admin->role, // استخدام الـ role الحالي (admin أو super_admin)
+        'role'    => 'admin', // نرسل 'admin' للمحفظة لضمان التوافق مع برمجياتها القديمة
         'iat'     => $iat,
         'exp'     => $exp,
         'jti'     => $jti

core/Auth/JwtService.php

@@ -134,9 +134,9 @@ class JwtService
             self::abort(401, 'Invalid token');
         }
 
-        // 3. Issuer
-        if (($decoded->iss ?? '') !== $this->issuer) {
-            self::abort(401, 'Invalid token issuer');
+        // 3. Issuer (Only check if configured)
+        if (!empty($this->issuer) && ($decoded->iss ?? '') !== $this->issuer) {
+            self::abort(401, 'Invalid token issuer: expected ' . $this->issuer . ' but got ' . ($decoded->iss ?? 'none'));
         }
 
         // 4. User ID
@@ -232,6 +232,7 @@ class JwtService
 
     private static function abort(int $code, string $message): never
     {
+        error_log("[JWT_AUTH_FAILED] Code: $code | Message: $message | IP: " . ($_SERVER['REMOTE_ADDR'] ?? '?') . " | URI: " . ($_SERVER['REQUEST_URI'] ?? '?'));
         http_response_code($code);
         echo json_encode(['error' => $message]);
         exit;