diff --git a/dashboard/backend/routers/passkey.py b/dashboard/backend/routers/passkey.py index f49d5a6..89343c7 100644 --- a/dashboard/backend/routers/passkey.py +++ b/dashboard/backend/routers/passkey.py @@ -95,6 +95,8 @@ async def passkey_register_verify(request: Request, current_user=Depends(auth.ge "sign_count": verification.sign_count, "name": body.get("name", "Passkey"), "created_at": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()), + "username": current_user.username, + "role": current_user.role, } ) return {"ok": True} @@ -149,19 +151,22 @@ async def passkey_login_verify(request: Request, response: Response): data["passkey_credentials"] = creds auth._save_auth_data(data) - username = config.ADMIN_USER + # Use stored username and role from passkey credential + username = matched.get("username", config.ADMIN_USER) + role = matched.get("role", "admin") + access_token = auth.create_access_token( - data={"sub": username, "role": "admin"}, + data={"sub": username, "role": role}, expires_delta=timedelta(minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES), ) - refresh_token = auth.create_refresh_token(data={"sub": username, "role": "admin"}) + refresh_token = auth.create_refresh_token(data={"sub": username, "role": role}) auth.set_auth_cookies(response, access_token, refresh_token) return { "access_token": access_token, "refresh_token": refresh_token, "token_type": "bearer", "user": username, - "role": "admin", + "role": role, }