From 86953b952431e3ac3d6de7a373da85c8968f3515 Mon Sep 17 00:00:00 2001
From: Dave Horton
Date: Mon, 19 Dec 2022 08:50:23 -0500
Subject: [PATCH] encode account name and sp name as part of jwt (#86)
---
 lib/routes/api/login.js | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)
diff --git a/lib/routes/api/login.js b/lib/routes/api/login.js
index 092b961..56bffc4 100644
--- a/lib/routes/api/login.js
+++ b/lib/routes/api/login.js
@@ -2,6 +2,8 @@ const router = require('express').Router();
 const jwt = require('jsonwebtoken');
 const {verifyPassword} = require('../../utils/password-utils');
 const {promisePool} = require('../../db');
+const Account = require('../../models/account');
+const ServiceProvider = require('../../models/service-provider');
 const sysError = require('../error');
 const retrievePemissionsSql = `
 SELECT p.name
@@ -41,19 +43,32 @@ router.post('/', async(req, res) => {
 const permissions = p.map((x) => x.name);
 const obj = {user_sid: r[0].user_sid, scope: 'admin', force_change, permissions};
 if (r[0].service_provider_sid && r[0].account_sid) {
+ const account = await Account.retrieve(r[0].account_sid);
+ const service_provider = await ServiceProvider.retrieve(r[0].service_provider_sid);
 obj.scope = 'account';
 obj.service_provider_sid = r[0].service_provider_sid;
 obj.account_sid = r[0].account_sid;
+ obj.account_name = account[0].name;
+ obj.service_provider_name = service_provider[0].name;
 } else if (r[0].service_provider_sid) {
+ const service_provider = await ServiceProvider.retrieve(r[0].service_provider_sid);
 obj.scope = 'service_provider';
 obj.service_provider_sid = r[0].service_provider_sid;
+ obj.service_provider_name = service_provider[0].name;
 }
 const payload = {
 scope: obj.scope,
 permissions,
- service_provider_sid: obj.service_provider_sid,
- account_sid: obj.account_sid,
+ ...(obj.service_provider_sid && {
+ service_provider_sid: obj.service_provider_sid,
+ service_provider_name: obj.service_provider_name
+ }),
+ ...(obj.account_sid && {
+ account_sid: obj.account_sid,
+ account_name: obj.account_name,
+ service_provider_name: obj.service_provider_name
+ }),
 user_sid: obj.user_sid
 };
 const token = jwt.sign(
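Review bot: `account[0].name` and `service_provider[0].name` are dereferenced without checking that `Account.retrieve` / `ServiceProvider.retrieve` returned a row, so a user whose account or service provider record is missing would make login throw rather than be rejected cleanly; the same applies in the `else if` branch. A guard such as `if (!account.length || !service_provider.length) return res.sendStatus(403);` before populating `obj` would make that failure explicit (the handler starts and ends outside the hunk, so whether an enclosing try/catch already covers this is not visible here). Separately, the new `*_name` claims are signed but not encrypted and are fixed at login, so a comment like `// names are informational only; authorization must key on the *_sid claims` would help, since a rename is not reflected until the token is reissued. The second spread also repeats `service_provider_name`, which the first spread already sets whenever `account_sid` is present.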