From 1983f99515a37c0e698068affec5c55c654913e1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Germ=C3=A1n=20Mart=C3=ADn?= <github@gmartin.net>
Date: Mon, 3 Nov 2025 22:03:11 +0100
Subject: [PATCH] feat(auth): implement role assignment for new users during
 OAuth login

---
 apps/api/src/app/auth/auth.service.ts | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/apps/api/src/app/auth/auth.service.ts b/apps/api/src/app/auth/auth.service.ts
index a6ee5d260..75661fe98 100644
--- a/apps/api/src/app/auth/auth.service.ts
+++ b/apps/api/src/app/auth/auth.service.ts
@@ -60,11 +60,15 @@ export class AuthService {
           throw new Error('Sign up forbidden');
         }
 
+        // Check if there's already an admin user
+        const hasAdmin = await this.userService.hasAdmin();
+
         // Create new user if not found
         user = await this.userService.createUser({
           data: {
             provider,
-            thirdPartyId
+            thirdPartyId,
+            role: hasAdmin ? 'USER' : 'ADMIN'
           }
         });
       }