From 0e2df8dfef35c4a1516efbc01a786a58c256034f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=92=95=E8=B0=B7=E9=85=B1?= <gu@gmoe.cc>
Date: Sun, 12 Oct 2025 03:17:56 +0800
Subject: [PATCH] Fix trusted_device flag inversion in session creation

Corrects the logic for the trusted_device parameter when creating login sessions by inverting its value. This ensures that the session accurately reflects whether the device is trusted or not.
---
 app/router/auth.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/router/auth.py b/app/router/auth.py
index 99af7b8..b2ec619 100644
--- a/app/router/auth.py
+++ b/app/router/auth.py
@@ -396,12 +396,12 @@ async def oauth_token(
 
         if session_verification_method:
             await LoginSessionService.create_session(
-                db, user_id, token_id, ip_address, user_agent.raw_ua, trusted_device, web_uuid, False
+                db, user_id, token_id, ip_address, user_agent.raw_ua, not trusted_device, web_uuid, False
             )
             await LoginSessionService.set_login_method(user_id, token_id, session_verification_method, redis)
         else:
             await LoginSessionService.create_session(
-                db, user_id, token_id, ip_address, user_agent.raw_ua, trusted_device, web_uuid, True
+                db, user_id, token_id, ip_address, user_agent.raw_ua, not trusted_device, web_uuid, True
             )
 
         return TokenResponse(