fixes: favoritos y mas cosas

Signed-off-by: Omar Sánchez Pizarro <omar.sanchez@pistacero.net>

web/backend/routes/users.js

@@ -3,6 +3,7 @@ import bcrypt from 'bcrypt';
 import { getDB, getUser, createUser, deleteUser as deleteUserFromDB, getAllUsers, updateUserPassword } from '../services/mongodb.js';
 import { basicAuthMiddleware, createSession, invalidateSession, invalidateUserSessions } from '../middlewares/auth.js';
 import { adminAuthMiddleware } from '../middlewares/adminAuth.js';
+import { combineFingerprint } from '../utils/fingerprint.js';
 
 const router = express.Router();
 
@@ -14,7 +15,7 @@ router.post('/login', async (req, res) => {
       return res.status(500).json({ error: 'MongoDB no está disponible' });
     }
     
-    const { username, password } = req.body;
+    const { username, password, fingerprint: clientFingerprint, deviceInfo: clientDeviceInfo } = req.body;
     
     if (!username || !password) {
       return res.status(400).json({ error: 'username y password son requeridos' });
@@ -41,8 +42,11 @@ router.post('/login', async (req, res) => {
       return res.status(401).json({ error: 'Invalid credentials', message: 'Usuario o contraseña incorrectos' });
     }
     
-    // Crear sesión/token
-    const token = await createSession(username);
+    // Generar fingerprint del dispositivo
+    const { fingerprint, deviceInfo } = combineFingerprint(clientFingerprint, clientDeviceInfo, req);
+    
+    // Crear sesión/token con fingerprint
+    const token = await createSession(username, fingerprint, deviceInfo);
     
     // Obtener rol del usuario
     const userRole = user.role || 'user';