userModel->findByEmail($email); if (!$user || !password_verify($password, $user['password_hash'])) { throw new Exception("البريد الإلكتروني أو كلمة المرور غير صحيحة"); } if (!$user['is_active']) { throw new Exception("هذا الحساب معطل حالياً"); } $accessToken = $this->jwtService->issueAccessToken([ 'user_id' => $user['id'], 'tenant_id' => $user['tenant_id'], 'role' => $user['role'] ]); $refreshToken = $this->jwtService->issueRefreshToken($user['id']); // Update refresh token hash in DB $this->userModel->update($user['id'], [ 'refresh_token_hash' => password_hash($refreshToken, PASSWORD_BCRYPT), 'last_login_at' => date('Y-m-d H:i:s'), 'last_login_ip' => $_SERVER['REMOTE_ADDR'] ?? null ]); return [ 'access_token' => $accessToken, 'refresh_token' => $refreshToken, 'user' => [ 'id' => $user['id'], 'name' => $user['name'], 'email' => $user['email'], 'role' => $user['role'] ] ]; } }