Hamza/intaleq_v3_pure_php
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

admin 13

Browse Source
This commit is contained in:
Hamza-Ayed
2026-05-01 00:49:58 +03:00
parent 312608de93
commit cf80244005
2 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Admin/auth/loginWallet.php
View File

@@ -14,6 +14,8 @@ use Firebase\JWT\JWT;
$jwtService = new JwtService($redis ?? null); $jwtService = new JwtService($redis ?? null);
$admin = $jwtService->authenticate(); $admin = $jwtService->authenticate();
error_log("[Wallet_SSO] Authenticated Admin ID: " . ($admin->user_id ?? 'N/A') . " | Role: " . ($admin->role ?? 'N/A'));
if ($admin->role !== 'admin' && $admin->role !== 'super_admin') { if ($admin->role !== 'admin' && $admin->role !== 'super_admin') {
jsonError("Unauthorized. Admin access required."); jsonError("Unauthorized. Admin access required.");
exit; exit;
@@ -47,7 +49,7 @@ try {
'iss' => $issuer, 'iss' => $issuer,
'aud' => $audience, 'aud' => $audience,
'user_id' => $admin->user_id, 'user_id' => $admin->user_id,
'role' => $admin->role, // استخدام الـ role الحالي (admin أو super_admin) 'role' => 'admin', // نرسل 'admin' للمحفظة لضمان التوافق مع برمجياتها القديمة
'iat' => $iat, 'iat' => $iat,
'exp' => $exp, 'exp' => $exp,
'jti' => $jti 'jti' => $jti

7
core/Auth/JwtService.php
View File

@@ -134,9 +134,9 @@ class JwtService
self::abort(401, 'Invalid token'); self::abort(401, 'Invalid token');
} }
// 3. Issuer // 3. Issuer (Only check if configured)
if (($decoded->iss ?? '') !== $this->issuer) { if (!empty($this->issuer) && ($decoded->iss ?? '') !== $this->issuer) {
self::abort(401, 'Invalid token issuer'); self::abort(401, 'Invalid token issuer: expected ' . $this->issuer . ' but got ' . ($decoded->iss ?? 'none'));
} }
// 4. User ID // 4. User ID
@@ -232,6 +232,7 @@ class JwtService
private static function abort(int $code, string $message): never private static function abort(int $code, string $message): never
{ {
error_log("[JWT_AUTH_FAILED] Code: $code | Message: $message | IP: " . ($_SERVER['REMOTE_ADDR'] ?? '?') . " | URI: " . ($_SERVER['REQUEST_URI'] ?? '?'));
http_response_code($code); http_response_code($code);
echo json_encode(['error' => $message]); echo json_encode(['error' => $message]);
exit; exit;