fix: mtls for agent, problems with auth

backend/internal/repository/repository.go

@@ -26,7 +26,12 @@ var ErrAccountInactive = errors.New("account is not activated")
 // Init creates the tokens table if it does not exist.
 func (r *Repository) Init() error {
 	_, err := r.DB.Exec(storage.CreateSqlite)
-	return err
+	if err != nil {
+		return err
+	}
+	// Migration: add is_active column if it doesn't exist (SQLite ignores errors for duplicate column)
+	_, _ = r.DB.Exec(storage.AddIsActiveColumn)
+	return nil
 }
 
 // CreateToken inserts a new user record with hashed password and generated token.
@@ -46,7 +51,7 @@ func (r *Repository) CreateToken(tc TokenCreate) (string, error) {
 		`INSERT INTO tokens (name, last_name, login, password, token, permission_view, permission_manage_agent, permission_admin, is_active)
 		 VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`,
 		tc.Name, tc.LastName, tc.Login, string(hashed), token,
-		tc.PermissionView, tc.PermissionManage, tc.PermissionAdmin, false,
+		tc.PermissionView, tc.PermissionManage, tc.PermissionAdmin, tc.IsActive,
 	)
 	if err != nil {
 		return "", err

backend/internal/storage/migrations.go

@@ -15,6 +15,12 @@ const CreateSqlite = `
 );
 `
 
+// AddIsActiveColumn adds is_active column to tokens table if it doesn't exist.
+// This is a migration for existing databases that don't have this column.
+const AddIsActiveColumn = `
+	ALTER TABLE tokens ADD COLUMN is_active BOOL NOT NULL DEFAULT 0
+`
+
 const CreateRegistrationTokensTable = `
 CREATE TABLE IF NOT EXISTS registration_tokens (
 	id INTEGER PRIMARY KEY AUTOINCREMENT,

backend/internal/storage/sqlite.go

@@ -36,5 +36,8 @@ func Open(path string) (*sql.DB, error) {
 		return nil, fmt.Errorf("migrate: %w", err)
 	}
 
+	// Migration: add is_active column if it doesn't exist
+	_, _ = db.Exec(AddIsActiveColumn)
+
 	return db, nil
 }