From e64ecfd023124a7c92ea8cbf8c467d51bff58503 Mon Sep 17 00:00:00 2001
From: devthejo <devthejo@protonmail.com>
Date: Sun, 11 Jan 2026 15:07:59 +0100
Subject: [PATCH] fix: default jwt role

---
 libs/common/oapi/services/sort-roles-by-level.js       | 10 ----------
 services/api/src/api/v1/services/auth-token-handler.js |  4 +---
 2 files changed, 1 insertion(+), 13 deletions(-)
 delete mode 100644 libs/common/oapi/services/sort-roles-by-level.js

diff --git a/libs/common/oapi/services/sort-roles-by-level.js b/libs/common/oapi/services/sort-roles-by-level.js
deleted file mode 100644
index 43fd5b0..0000000
--- a/libs/common/oapi/services/sort-roles-by-level.js
+++ /dev/null
@@ -1,10 +0,0 @@
-module.exports = function () {
-  const rolesByLevel = {
-    admin: 1,
-    user: 100,
-  }
-
-  return function sortRolesByLevel(roles) {
-    return roles.sort((a, b) => rolesByLevel[a] - rolesByLevel[b])
-  }
-}
diff --git a/services/api/src/api/v1/services/auth-token-handler.js b/services/api/src/api/v1/services/auth-token-handler.js
index 22abe43..3ea6cc7 100644
--- a/services/api/src/api/v1/services/auth-token-handler.js
+++ b/services/api/src/api/v1/services/auth-token-handler.js
@@ -142,10 +142,8 @@ module.exports = ({ services }) => {
   }
 
   async function generateUserJwt(userId, deviceId, roles) {
-    const [defaultRole] = services.sortRolesByLevel(roles)
-
     const hasuraClaim = {}
-    hasuraClaim["x-hasura-default-role"] = defaultRole
+    hasuraClaim["x-hasura-default-role"] = "user"
     hasuraClaim["x-hasura-allowed-roles"] = roles
     hasuraClaim["x-hasura-user-id"] = userId.toString()
     hasuraClaim["x-hasura-device-id"] = deviceId.toString()