api login method

api/edge/bff/internal/server/verificationimp/token.go

@@ -9,9 +9,9 @@ import (
 	emodel "github.com/tech/sendico/server/interface/model"
 )
 
-func (a *VerificationAPI) createAccessToken(account *model.Account) (sresponse.TokenData, error) {
+func (a *VerificationAPI) createAccessToken(account *model.Account, clientID string) (sresponse.TokenData, error) {
 	ja := jwtauth.New(a.signature.Algorithm, a.signature.PrivateKey, a.signature.PublicKey)
-	_, res, err := ja.Encode(emodel.Account2Claims(account, a.tokenConfig.Expiration.Account))
+	_, res, err := ja.Encode(emodel.Account2ClaimsForClient(account, a.tokenConfig.Expiration.Account, clientID))
 	token := sresponse.TokenData{
 		Token:      res,
 		Expiration: time.Now().Add(time.Duration(a.tokenConfig.Expiration.Account) * time.Hour),

api/edge/bff/internal/server/verificationimp/verify.go

@@ -53,7 +53,7 @@ func (a *VerificationAPI) verifyCode(r *http.Request, account *model.Account, to
 		if req.SessionIdentifier.ClientID == "" || req.SessionIdentifier.DeviceID == "" {
 			return response.BadRequest(a.logger, a.Name(), "missing_session", "session identifier is required")
 		}
-		accessToken, err := a.createAccessToken(account)
+		accessToken, err := a.createAccessToken(account, req.SessionIdentifier.ClientID)
 		if err != nil {
 			a.logger.Warn("Failed to generate access token", zap.Error(err))
 			return response.Internal(a.logger, a.Name(), err)