fix: correct profile creation logic in registration process

- Removed the profile ID from the INSERT statement to align with the database schema, which uses SERIAL for IDs. - Updated comments for clarity regarding the profile creation process and verification status.
2026-04-29 10:46:37 +02:00 · 2026-04-29 10:46:37 +02:00 · d9d2d9e506
commit d9d2d9e506
parent e6a8931da8
1 changed files with 4 additions and 5 deletions
--- a/backend/routers/auth.py
+++ b/backend/routers/auth.py
@ -235,18 +235,17 @@ async def register(req: RegisterRequest, request: Request):
        verification_token = secrets.token_urlsafe(32)
        verification_expires = datetime.now(timezone.utc) + timedelta(hours=24)

-        # Create profile (inactive until verified)
-        profile_id = str(secrets.token_hex(16))
+        # Create profile (inactive until verified) — profiles.id ist SERIAL (INT), keine String-IDs einfügen.
        pin_hash = hash_pin(password)
        trial_ends = datetime.now(timezone.utc) + timedelta(days=14)  # 14-day trial

        cur.execute("""
            INSERT INTO profiles (
-                id, name, email, pin_hash, auth_type, role, tier,
+                name, email, pin_hash, auth_type, role, tier,
                email_verified, verification_token, verification_expires,
                trial_ends_at, created_at
-            ) VALUES (%s, %s, %s, %s, 'email', 'trainer', 'free', FALSE, %s, %s, %s, CURRENT_TIMESTAMP)
-        """, (profile_id, name, email, pin_hash, verification_token, verification_expires, trial_ends))
+            ) VALUES (%s, %s, %s, 'email', 'trainer', 'free', FALSE, %s, %s, %s, CURRENT_TIMESTAMP)
+        """, (name, email, pin_hash, verification_token, verification_expires, trial_ends))

    # Send verification email
    app_url = os.getenv("APP_URL", "https://mitai.jinkendo.de")