From 0e6a028ef0e33b938051990bb2c9ddb17e97e185 Mon Sep 17 00:00:00 2001
From: RevIQ <me@rev.iq>
Date: Fri, 9 Jan 2026 18:31:31 +0800
Subject: [PATCH] Add missing hasPassword property to user responses

The API contract requires hasPassword in user responses but it was
missing from toUserResponse helper and meAuthStatus handler.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 apps/api-server/src/procedures/admin/helpers.ts | 1 +
 apps/api-server/src/router.ts                   | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/apps/api-server/src/procedures/admin/helpers.ts b/apps/api-server/src/procedures/admin/helpers.ts
index d4614b8..fc0a3ec 100644
--- a/apps/api-server/src/procedures/admin/helpers.ts
+++ b/apps/api-server/src/procedures/admin/helpers.ts
@@ -25,6 +25,7 @@ export const toUserResponse = (user: Selectable<Users>) => ({
   emailVerified: user.email_verified_at !== null,
   needsSetup: user.display_name === null,
   isSuperuser: user.is_superuser,
+  hasPassword: user.password_hash !== null,
 });
 
 /** Transform site record to API response format */
diff --git a/apps/api-server/src/router.ts b/apps/api-server/src/router.ts
index cfec7df..043125a 100644
--- a/apps/api-server/src/router.ts
+++ b/apps/api-server/src/router.ts
@@ -201,6 +201,7 @@ const meAuthStatus = os.me.authStatus
         "avatar_url",
         "email_verified_at",
         "is_superuser",
+        "password_hash",
       ])
       .where("id", "=", context.user.id)
       .executeTakeFirstOrThrow();
@@ -216,6 +217,7 @@ const meAuthStatus = os.me.authStatus
         emailVerified: user.email_verified_at !== null,
         needsSetup: user.display_name === null,
         isSuperuser: user.is_superuser,
+        hasPassword: user.password_hash !== null,
       },
       auth: context.auth,
     };