Fix: UTC fuer interne Timer, Berlin nur fuer Anzeige

Korrektur: Alle DB-Timestamps (refresh_log, created_at, updated_at, auth, notifications) bleiben UTC fuer korrekte Timer-Vergleiche. Europe/Berlin nur fuer angezeigte Werte (Exporte, Prompts, API). Verhindert zu fruehes Ausloesen des Auto-Refresh-Timers. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-07 02:40:02 +01:00
Commit a8e9f34ff8
--- a/src/auth.py
+++ b/src/auth.py
@@ -1,7 +1,7 @@
 """JWT-Authentifizierung mit Magic-Link-Support und Multi-Tenancy."""
 import secrets
 import string
-from datetime import datetime, timedelta
+from datetime import datetime, timedelta, timezone
 from jose import jwt, JWTError
 from fastapi import Depends, HTTPException, status
 from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
@@ -23,7 +23,7 @@ def create_token(
    org_slug: str = None,
 ) -> str:
    """JWT-Token erstellen mit Tenant-Kontext."""
-    now = datetime.now(TIMEZONE)
+    now = datetime.now(timezone.utc)
    expire = now + timedelta(hours=JWT_EXPIRE_HOURS)
    payload = {
        "sub": str(user_id),