From d9049adb465d202a8a2e0b202f0076cc371ac955 Mon Sep 17 00:00:00 2001
From: Brad Stein <Brad.Stein@gmail.com>
Date: Thu, 22 Jan 2026 19:05:35 -0300
Subject: [PATCH] fix: reveal temp password when requested

---
 backend/atlas_portal/routes/access_requests.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/backend/atlas_portal/routes/access_requests.py b/backend/atlas_portal/routes/access_requests.py
index 25a1a6a..6190ab7 100644
--- a/backend/atlas_portal/routes/access_requests.py
+++ b/backend/atlas_portal/routes/access_requests.py
@@ -630,6 +630,9 @@ def register(app) -> None:
 
         payload = request.get_json(silent=True) or {}
         code = (payload.get("request_code") or payload.get("code") or "").strip()
+        reveal_initial_password = bool(
+            payload.get("reveal_initial_password") or payload.get("reveal_password")
+        )
         token = (payload.get("token") or payload.get("verify") or "").strip()
         if not code:
             return jsonify({"error": "request_code is required"}), 400