Hamza/intaleq_v3_pure_php
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

admin 13

Browse Source
This commit is contained in:
Hamza-Ayed
2026-05-01 00:49:58 +03:00
parent 312608de93
commit cf80244005
2 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
core/Auth/JwtService.php
View File

@@ -134,9 +134,9 @@ class JwtService
self::abort(401, 'Invalid token');
}
// 3. Issuer
if (($decoded->iss ?? '') !== $this->issuer) {
self::abort(401, 'Invalid token issuer');
// 3. Issuer (Only check if configured)
if (!empty($this->issuer) && ($decoded->iss ?? '') !== $this->issuer) {
self::abort(401, 'Invalid token issuer: expected ' . $this->issuer . ' but got ' . ($decoded->iss ?? 'none'));
}
// 4. User ID
@@ -232,6 +232,7 @@ class JwtService
private static function abort(int $code, string $message): never
{
error_log("[JWT_AUTH_FAILED] Code: $code | Message: $message | IP: " . ($_SERVER['REMOTE_ADDR'] ?? '?') . " | URI: " . ($_SERVER['REQUEST_URI'] ?? '?'));
http_response_code($code);
echo json_encode(['error' => $message]);
exit;