Added OrganizationID in JWT token

2025-09-21 11:44:38 +05:30 · 2025-09-21 11:44:38 +05:30 · a1f6552347
commit a1f6552347
parent 06c5457981
2 changed files with 15 additions and 13 deletions
--- a/Marco.Pms.Services/Controllers/AuthController.cs
+++ b/Marco.Pms.Services/Controllers/AuthController.cs
@ -104,8 +104,8 @@ namespace MarcoBMS.Services.Controllers
                }

                // Generate tokens
-                var token = _refreshTokenService.GenerateJwtToken(user.UserName, emp.TenantId ?? Guid.Empty, _jwtSettings);
-                var refreshToken = await _refreshTokenService.CreateRefreshToken(user.Id, emp.TenantId.ToString(), _jwtSettings);
+                var token = _refreshTokenService.GenerateJwtToken(user.UserName, emp.TenantId ?? Guid.Empty, emp.OrganizationId, _jwtSettings);
+                var refreshToken = await _refreshTokenService.CreateRefreshToken(user.Id, emp.TenantId.ToString(), emp.OrganizationId, _jwtSettings);

                _logger.LogInfo("User login successful - UserId: {UserId}", user.Id);
                return Ok(ApiResponse<object>.SuccessResponse(new
@ -202,11 +202,11 @@ namespace MarcoBMS.Services.Controllers
                _logger.LogInfo("Successfully found employee details for tenant ID: {TenantId}", emp.TenantId ?? Guid.Empty);

                // Generate JWT token
-                var token = _refreshTokenService.GenerateJwtToken(user.UserName, emp.TenantId ?? Guid.Empty, _jwtSettings);
+                var token = _refreshTokenService.GenerateJwtToken(user.UserName, emp.TenantId ?? Guid.Empty, emp.OrganizationId, _jwtSettings);

                // Generate a new refresh token and store it in the database.
                _logger.LogInfo("Generating and storing Refresh Token for user: {Username}", user.UserName);
-                var refreshToken = await _refreshTokenService.CreateRefreshToken(user.Id, emp.TenantId.ToString(), _jwtSettings);
+                var refreshToken = await _refreshTokenService.CreateRefreshToken(user.Id, emp.TenantId.ToString(), emp.OrganizationId, _jwtSettings);

                // Fetch MPIN Token
                var mpinToken = await _context.MPINDetails.FirstOrDefaultAsync(p => p.UserId == Guid.Parse(user.Id));
@ -350,8 +350,8 @@ namespace MarcoBMS.Services.Controllers
                }

                // Generate new tokens
-                var jwtToken = _refreshTokenService.GenerateJwtToken(requestEmployee.Email, tenantId, _jwtSettings);
-                var refreshToken = await _refreshTokenService.CreateRefreshToken(requestEmployee.ApplicationUserId, tenantId.ToString(), _jwtSettings);
+                var jwtToken = _refreshTokenService.GenerateJwtToken(requestEmployee.Email, tenantId, requestEmployee.OrganizationId, _jwtSettings);
+                var refreshToken = await _refreshTokenService.CreateRefreshToken(requestEmployee.ApplicationUserId, tenantId.ToString(), requestEmployee.OrganizationId, _jwtSettings);

                _logger.LogInfo("MPIN verification successful - EmployeeId: {EmployeeId}", requestEmployee.Id);

@ -737,8 +737,8 @@ namespace MarcoBMS.Services.Controllers
                // Step 4: Fetch employee and generate new tokens
                var emp = await _employeeHelper.GetEmployeeByApplicationUserID(user.Id);

-                var newJwtToken = _refreshTokenService.GenerateJwtToken(user.UserName, tenantId, _jwtSettings);
-                var newRefreshToken = await _refreshTokenService.CreateRefreshToken(user.Id, tenantId.ToString(), _jwtSettings);
+                var newJwtToken = _refreshTokenService.GenerateJwtToken(user.UserName, tenantId, emp.OrganizationId, _jwtSettings);
+                var newRefreshToken = await _refreshTokenService.CreateRefreshToken(user.Id, tenantId.ToString(), emp.OrganizationId, _jwtSettings);

                _logger.LogInfo("New access and refresh token issued for user: {UserId}", user.Id);

@ -1378,10 +1378,10 @@ namespace MarcoBMS.Services.Controllers
            }

            // Generate JWT token scoped to selected tenant and logged-in employee
-            var token = _refreshTokenService.GenerateJwtToken(loggedInEmployee.Email, tenantOrganization.TenantId, _jwtSettings);
+            var token = _refreshTokenService.GenerateJwtToken(loggedInEmployee.Email, tenantOrganization.TenantId, loggedInEmployee.OrganizationId, _jwtSettings);

            // Generate and store refresh token
-            var refreshToken = await _refreshTokenService.CreateRefreshToken(loggedInEmployee.ApplicationUserId, tenantOrganization.TenantId.ToString(), _jwtSettings);
+            var refreshToken = await _refreshTokenService.CreateRefreshToken(loggedInEmployee.ApplicationUserId, tenantOrganization.TenantId.ToString(), loggedInEmployee.OrganizationId, _jwtSettings);

            _logger.LogInfo("Tenant selected and tokens generated for TenantId: {TenantId} and Employee: {EmployeeEmail}", tenantId, loggedInEmployee.Email ?? string.Empty);

--- a/Marco.Pms.Services/Service/RefreshTokenService.cs
+++ b/Marco.Pms.Services/Service/RefreshTokenService.cs
@ -32,7 +32,7 @@ namespace MarcoBMS.Services.Service
            {
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                new Claim(JwtRegisteredClaimNames.Sub, username),
-                new Claim("OrganizationId", organizationId.ToString()), // Add TenantId claim
+                new Claim("OrganizationId", organizationId.ToString()), // Add OrganizationId claim
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())            };

            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.Key));
@ -97,7 +97,7 @@ namespace MarcoBMS.Services.Service
                throw;
            }
        }
-        public string GenerateJwtToken(string username, Guid tenantId, JwtSettings _jwtSettings)
+        public string GenerateJwtToken(string username, Guid tenantId, Guid organizationId, JwtSettings _jwtSettings)
        {

            // Custom claims
@ -106,6 +106,7 @@ namespace MarcoBMS.Services.Service
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                new Claim(JwtRegisteredClaimNames.Sub, username),
                new Claim("TenantId", tenantId.ToString()), // Add TenantId claim
+                new Claim("OrganizationId", organizationId.ToString()),
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())            };

            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.Key));
@ -120,7 +121,7 @@ namespace MarcoBMS.Services.Service

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
-        public async Task<string> CreateRefreshToken(string userId, string tenantId, JwtSettings jwtSettings)
+        public async Task<string> CreateRefreshToken(string userId, string tenantId, Guid organizationId, JwtSettings jwtSettings)
        {
            try
            {
@ -128,6 +129,7 @@ namespace MarcoBMS.Services.Service
                {
                    new Claim(ClaimTypes.NameIdentifier, userId),
                    new Claim("TenantId", tenantId),
+                    new Claim("OrganizationId", organizationId.ToString()),
                    new Claim("token_type", "refresh")
                };