diff --git a/package.json b/package.json
index f8c24db..3c43eca 100644
--- a/package.json
+++ b/package.json
@@ -13,6 +13,7 @@
 "axios": "^1.7.2",
 "cookie-parser": "^1.4.6",
 "cors": "^2.8.5",
+ "crypto-js": "^4.2.0",
 "dotenv": "^16.4.5",
 "express": "^4.19.2",
 "http-proxy-middleware": "^3.0.0",
diff --git a/sso.js b/sso.js
index 4e7a8a0..9c241f4 100644
--- a/sso.js
+++ b/sso.js
@@ -11,6 +11,8 @@ const cors = require('cors');
 const jwt = require("jsonwebtoken");
 const fs = require("fs");
 const axios = require("axios");
+const CryptoJS = require("crypto-js");
+const secretKey = "uuidSecretKey2025"; // ใช้เป็นคีย์สำหรับเข้ารหัส
 const cookieName = process.env.SSO_COOKIE_NAME || "ssotoken";
 const privateKey = fs.readFileSync(`./BMA`, "utf8");
@@ -82,9 +84,12 @@ app.post("/api/v1/sso/kcauth", async (req, res) => {
 const publicKeyLanding = fs.readFileSync(`./BMA.pub.pem`, "utf8");
 const clientSecret = process.env.KC_CLIENT_SECRET;
 const clientId = process.env.KC_CLIENT_ID;
- const username = req.body.uid;
 const cookies = req.cookies;
+ let uid = cookies["uid"];
+
+ let username = "";
+
 const tokenSSO = cookies[cookieName];
 if (!tokenSSO && !uid) {
@@ -102,6 +107,10 @@ app.post("/api/v1/sso/kcauth", async (req, res) => {
 // console.log("==== username from cookies ====", d);
 username = d.username;
+ } else if (uid) {
+ const bytes = CryptoJS.AES.decrypt(uid, secretKey);
+ const decrypted = bytes.toString(CryptoJS.enc.Utf8);
+ username = decrypted;
 }
 const oldssotoken = cookies['oldssotoken'];
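Review bot: The new `crypto-js` dependency adds a library whose maintainers declared it discontinued at the 4.2.0 release and who recommend the platform's native crypto instead, while this service already runs on Node (it uses `fs`), where `node:crypto` is available without a new package. Beyond maintenance, the native `createCipheriv`/`createDecipheriv` with an AEAD mode such as `aes-256-gcm` would also give the uid cookie an integrity tag, which the `CryptoJS.AES` passphrase API used in sso.js does not provide. Consider dropping this line and using the built-in module, so the supply-chain surface and the cryptographic design improve together.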
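Review bot: `secretKey` is a hard-coded literal committed to source, even though the surrounding file already reads comparable secrets from the environment (`process.env.KC_CLIENT_SECRET` in the kcauth hunk); anyone with read access to the repository or its history can mint valid uid cookies, and the key cannot be rotated without a code change. Load it the same way, e.g. `const secretKey = process.env.SSO_UID_SECRET;` (name to be chosen) with a startup failure when it is unset, and treat the value in this commit as exposed. Note too that `CryptoJS.AES.encrypt/decrypt` with a string passphrase derives the key and IV through the OpenSSL-compatible KDF (single-pass MD5) and uses CBC with no authentication, so the short, low-entropy literal here is both guessable and unauthenticated; a strong random key from the environment plus an authenticated mode is the intended pattern. The Thai comment on the new line says only that the value is the encryption key; `// Key for the uid cookie; must be set per deployment and never committed` would document the expectation.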
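Review bot: `let uid = cookies["uid"];` is never reassigned in the visible lines, so `const uid = cookies.uid;` is the conventional form; `username` is reassigned later and correctly stays `let`. More substantively, the guard `if (!tokenSSO && !uid)` now treats the mere presence of a uid cookie as enough to continue, so that cookie becomes a bearer credential equivalent to the SSO token; the cookie's attributes (httpOnly, secure, sameSite, max-age) are set elsewhere and should match those of `cookieName`, and its value should be validated before use (see the decrypt hunk below). The enclosing kcauth handler starts before this hunk and continues past it.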
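Review bot: The decrypt branch trusts whatever the client sent in the uid cookie: `bytes.toString(CryptoJS.enc.Utf8)` throws `Malformed UTF-8 data` on a tampered or foreign ciphertext, and since the handler is `async` under Express 4 that throw becomes an unhandled rejection rather than a response, so a garbage cookie can leave the request hanging. When the decryption instead yields an empty string, `username` stays `""` and control falls through to the rest of the handler with an empty identity, which the code after the hunk presumably does not expect. Wrap the decryption, and reject an empty or non-string result the same way the `!tokenSSO && !uid` branch rejects a missing credential; because the cipher mode offers no integrity check, this validation is the only thing standing between a modified cookie and a forged username. The enclosing kcauth handler starts before this hunk and continues after it, so the exact rejection response should mirror the one already used there.
```javascript
} else if (uid) {
  let decrypted = "";
  try {
    decrypted = CryptoJS.AES.decrypt(String(uid), secretKey).toString(CryptoJS.enc.Utf8);
  } catch (err) {
    decrypted = ""; // malformed or tampered cookie: treat as absent
  }
  if (decrypted === "") {
    // … respond exactly as the `!tokenSSO && !uid` branch does …
  }
  username = decrypted;
}
// … unchanged: oldssotoken handling …
```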