featur add fahrmeister

backend/src/controllers/auth.controller.ts

@@ -35,6 +35,7 @@ class AuthController {
 
       // Step 2: Get user info from Authentik
       const userInfo = await authentikService.getUserInfo(tokens.access_token);
+      const groups = userInfo.groups ?? [];
 
       // Step 3: Verify ID token if present
       if (tokens.id_token) {
@@ -65,6 +66,8 @@ class AuthController {
           profile_picture_url: userInfo.picture,
         });
 
+        await userService.updateGroups(user.id, groups);
+
         // Audit: first-ever login (user record creation)
         auditService.logAudit({
           user_id:       user.id,
@@ -86,6 +89,7 @@ class AuthController {
         });
 
         await userService.updateLastLogin(user.id);
+        await userService.updateGroups(user.id, groups);
 
         // Audit: returning user login
         auditService.logAudit({
@@ -132,6 +136,7 @@ class AuthController {
         userId:       user.id,
         email:        user.email,
         authentikSub: user.authentik_sub,
+        groups,
       });
 
       // Generate refresh token
@@ -161,6 +166,7 @@ class AuthController {
             familyName:        user.family_name,
             profilePictureUrl: user.profile_picture_url,
             isActive:          user.is_active,
+            groups,
           },
         },
       });