diff --git a/server/api/auth/passkeys/register.post.js b/server/api/auth/passkeys/register.post.js
index 60b453d..c10c2e5 100644
--- a/server/api/auth/passkeys/register.post.js
+++ b/server/api/auth/passkeys/register.post.js
@@ -1,7 +1,20 @@
 import { verifyRegistrationResponse } from '@simplewebauthn/server'
 import { getUserFromToken, readUsers, writeUsers } from '../../../utils/auth.js'
 import { getWebAuthnConfig } from '../../../utils/webauthn-config.js'
-/* global getMethod, getHeader, setHeader, readBody, defineEventHandler */
+
+// Falls Nitro/H3-Globals fehlen: sichere Fallbacks auf globalThis setzen (vermeidet ESLint "no-redeclare")
+if (typeof globalThis.getMethod === 'undefined') {
+  globalThis.getMethod = (e) => (e?.req?.method || e?.method || 'GET')
+}
+if (typeof globalThis.getHeader === 'undefined') {
+  globalThis.getHeader = (e, name) => (e?.req?.headers?.[String(name).toLowerCase()] ?? null)
+}
+if (typeof globalThis.setHeader === 'undefined') {
+  globalThis.setHeader = (e, name, value) => { try { if (e?.res?.setHeader) e.res.setHeader(name, value); else if (e?.node?.res?.setHeader) e.node.res.setHeader(name, value) } catch (err) { void 0 } }
+}
+if (typeof globalThis.readBody === 'undefined') {
+  globalThis.readBody = async (e) => (e?.body ?? null)
+}
 import { clearRegistrationChallenge, getRegistrationChallenge } from '../../../utils/webauthn-challenges.js'
 import { toBase64Url } from '../../../utils/webauthn-encoding.js'
 import { writeAuditLog } from '../../../utils/audit-log.js'
diff --git a/server/api/auth/register-passkey.options.js b/server/api/auth/register-passkey.options.js
index 6a1cfbd..62e1a79 100644
--- a/server/api/auth/register-passkey.options.js
+++ b/server/api/auth/register-passkey.options.js
@@ -1,5 +1,16 @@
 import { getWebAuthnConfig } from '../../utils/webauthn-config.js'
 
+// Falls Nitro/H3-Globals fehlen: sichere Fallbacks auf globalThis setzen (vermeidet ESLint "no-redeclare")
+if (typeof globalThis.getHeader === 'undefined') {
+  globalThis.getHeader = (e, name) => (e?.req?.headers?.[String(name).toLowerCase()] ?? null)
+}
+if (typeof globalThis.setHeader === 'undefined') {
+  globalThis.setHeader = (e, name, value) => { try { if (e?.res?.setHeader) e.res.setHeader(name, value); else if (e?.node?.res?.setHeader) e.node.res.setHeader(name, value) } catch (err) { void 0 } }
+}
+if (typeof globalThis.setResponseStatus === 'undefined') {
+  globalThis.setResponseStatus = (e, status) => { try { if (e?.res) e.res.statusCode = status; else if (e?.node?.res) e.node.res.statusCode = status } catch (err) { void 0 } }
+}
+
 export default defineEventHandler(async (event) => {
   const requestOrigin = getHeader(event, 'origin')
   const { origin: webauthnOrigin } = getWebAuthnConfig()
@@ -34,6 +45,6 @@ export default defineEventHandler(async (event) => {
   }
 
   // OPTIONS Preflight-Request: 204 No Content
-  setResponseStatus(event, 204)
+  globalThis.setResponseStatus(event, 204)
   return null
 })