diff --git a/routes/bazaar.route.js b/routes/bazaar.route.js
index 980b109..3d44d7a 100644
--- a/routes/bazaar.route.js
+++ b/routes/bazaar.route.js
@@ -3,34 +3,31 @@
 ============================================================ */
 
 const express = require("express");
-const router  = express.Router();
-const db      = require("../database/database");
+const router = express.Router();
+const db = require("../database/database");
+const { getMaxRarity } = require("../utils/rarity");
 
 function requireLogin(req, res, next) {
-  if (!req.session?.user) return res.status(401).json({ error: "Nicht eingeloggt" });
+  if (!req.session?.user)
+    return res.status(401).json({ error: "Nicht eingeloggt" });
   next();
 }
 
-function getMaxRarity(playerLevel) {
-  if (playerLevel < 10) return 2;
-  if (playerLevel < 20) return 3;
-  if (playerLevel < 30) return 4;
-  if (playerLevel < 40) return 5;
-  return 6;
-}
-
 /* ════════════════════════════════════════════
    GET /api/bazaar/cards?page=1&limit=18
 ════════════════════════════════════════════ */
 router.get("/bazaar/cards", requireLogin, async (req, res) => {
   const userId = req.session.user.id;
-  const page   = parseInt(req.query.page)  || 1;
-  const limit  = parseInt(req.query.limit) || 18;
+  const page = parseInt(req.query.page) || 1;
+  const limit = parseInt(req.query.limit) || 18;
   const offset = (page - 1) * limit;
 
   try {
-    const [[account]] = await db.query("SELECT level FROM accounts WHERE id = ?", [userId]);
-    const maxRarity   = getMaxRarity(account?.level ?? 1);
+    const [[account]] = await db.query(
+      "SELECT level FROM accounts WHERE id = ?",
+      [userId],
+    );
+    const maxRarity = getMaxRarity(account?.level ?? 1);
 
     const [cards] = await db.query(
       `SELECT
@@ -45,24 +42,28 @@ router.get("/bazaar/cards", requireLogin, async (req, res) => {
        WHERE c.rarity <= ?
        ORDER BY c.rarity ASC, c.name ASC
        LIMIT ? OFFSET ?`,
-      [maxRarity, limit, offset]
+      [maxRarity, limit, offset],
     );
 
     const [[{ total }]] = await db.query(
-      "SELECT COUNT(*) AS total FROM cards WHERE rarity <= ?", [maxRarity]
+      "SELECT COUNT(*) AS total FROM cards WHERE rarity <= ?",
+      [maxRarity],
     );
 
     const [[currency]] = await db.query(
-      "SELECT wood, iron, gold, gems FROM account_currency WHERE account_id = ?", [userId]
+      "SELECT wood, iron, gold, gems FROM account_currency WHERE account_id = ?",
+      [userId],
     );
 
     res.json({
-      cards, total, page,
+      cards,
+      total,
+      page,
       totalPages: Math.ceil(total / limit),
-      wood:  currency?.wood  || 0,
-      iron:  currency?.iron  || 0,
-      gold:  currency?.gold  || 0,
-      gems:  currency?.gems  || 0,
+      wood: currency?.wood || 0,
+      iron: currency?.iron || 0,
+      gold: currency?.gold || 0,
+      gems: currency?.gems || 0,
     });
   } catch (err) {
     console.error("[bazaar/cards]", err);
@@ -74,7 +75,7 @@ router.get("/bazaar/cards", requireLogin, async (req, res) => {
    POST /api/bazaar/buy  { card_id }
 ════════════════════════════════════════════ */
 router.post("/bazaar/buy", requireLogin, async (req, res) => {
-  const userId  = req.session.user.id;
+  const userId = req.session.user.id;
   const { card_id } = req.body;
   if (!card_id) return res.status(400).json({ error: "card_id fehlt." });
 
@@ -87,31 +88,39 @@ router.post("/bazaar/buy", requireLogin, async (req, res) => {
               COALESCE(p.price_gems, 0) AS price_gems
        FROM cards c
        LEFT JOIN card_shop_prices p ON p.rarity = c.rarity
-       WHERE c.id = ?`, [card_id]
+       WHERE c.id = ?`,
+      [card_id],
     );
     if (!card) return res.status(404).json({ error: "Karte nicht gefunden." });
 
-    const [[account]] = await db.query("SELECT level FROM accounts WHERE id = ?", [userId]);
+    const [[account]] = await db.query(
+      "SELECT level FROM accounts WHERE id = ?",
+      [userId],
+    );
     if (parseInt(card.rarity) > getMaxRarity(account?.level ?? 1)) {
-      return res.status(403).json({ error: "Dein Level reicht für diese Karte nicht aus." });
+      return res
+        .status(403)
+        .json({ error: "Dein Level reicht für diese Karte nicht aus." });
     }
 
     const [[currency]] = await db.query(
-      "SELECT wood, iron, gold, gems FROM account_currency WHERE account_id = ?", [userId]
+      "SELECT wood, iron, gold, gems FROM account_currency WHERE account_id = ?",
+      [userId],
     );
-    if (!currency) return res.status(400).json({ error: "Keine Währungsdaten gefunden." });
+    if (!currency)
+      return res.status(400).json({ error: "Keine Währungsdaten gefunden." });
 
     const checks = [
-      { key: "wood", label: "Holz"  },
+      { key: "wood", label: "Holz" },
       { key: "iron", label: "Eisen" },
-      { key: "gold", label: "Gold"  },
-      { key: "gems", label: "Gems"  },
+      { key: "gold", label: "Gold" },
+      { key: "gems", label: "Gems" },
     ];
     for (const { key, label } of checks) {
       const need = card[`price_${key}`];
       if (need > 0 && (currency[key] || 0) < need) {
         return res.status(400).json({
-          error: `Nicht genug ${label}. Benötigt: ${need}, Vorhanden: ${currency[key] || 0}`
+          error: `Nicht genug ${label}. Benötigt: ${need}, Vorhanden: ${currency[key] || 0}`,
         });
       }
     }
@@ -123,17 +132,24 @@ router.post("/bazaar/buy", requireLogin, async (req, res) => {
            gold = gold - ?,
            gems = gems - ?
        WHERE account_id = ?`,
-      [card.price_wood, card.price_iron, card.price_gold, card.price_gems, userId]
+      [
+        card.price_wood,
+        card.price_iron,
+        card.price_gold,
+        card.price_gems,
+        userId,
+      ],
     );
 
     await db.query(
       `INSERT INTO user_cards (user_id, card_id, amount) VALUES (?, ?, 1)
        ON DUPLICATE KEY UPDATE amount = amount + 1`,
-      [userId, card_id]
+      [userId, card_id],
     );
 
     const [[updated]] = await db.query(
-      "SELECT wood, iron, gold, gems FROM account_currency WHERE account_id = ?", [userId]
+      "SELECT wood, iron, gold, gems FROM account_currency WHERE account_id = ?",
+      [userId],
     );
 
     res.json({
diff --git a/routes/combine.route.js b/routes/combine.route.js
index 956406c..413eaa4 100644
--- a/routes/combine.route.js
+++ b/routes/combine.route.js
@@ -6,7 +6,8 @@
 
 const express = require("express");
 const router  = express.Router();
-const db      = require("../database/database");
+const db           = require("../database/database");
+const { getMaxRarity } = require("../utils/rarity");
 
 function requireLogin(req, res, next) {
   if (!req.session?.user) return res.status(401).json({ error: "Nicht eingeloggt" });
@@ -24,18 +25,6 @@ function getRequiredCards(tavernLevel) {
   return 3;
 }
 
-/* ════════════════════════════════════════════
-   Max erlaubte Rarity je Spielerlevel
-   (gleiche Logik wie booster.route.js)
-════════════════════════════════════════════ */
-function getMaxRarity(playerLevel) {
-  if (playerLevel < 10) return 2;
-  if (playerLevel < 20) return 3;
-  if (playerLevel < 30) return 4;
-  if (playerLevel < 40) return 5;
-  return 6;
-}
-
 /* ════════════════════════════════════════════
    POST /api/cards/combine
    Body: { card_id: Number, amount: Number }
diff --git a/sockets/1vKI_daily.socket.js b/sockets/1vKI_daily.socket.js
index e6eedcd..cd2f1c7 100644
--- a/sockets/1vKI_daily.socket.js
+++ b/sockets/1vKI_daily.socket.js
@@ -6,7 +6,8 @@
 
 'use strict';
 
-const db             = require('../database/database');
+const db               = require('../database/database');
+const { getMaxRarity } = require('../utils/rarity');
 const { runCombatPhase } = require('./combat');
 const pointsRoute    = require('../routes/points.route');
 
@@ -29,15 +30,6 @@ function calcAvatarHp(level) {
   return 20 + (Math.max(1, Math.min(50, level || 1)) - 1) * 2;
 }
 
-/* ── Max. Rarity nach Spielerlevel (identisch zu combine.route.js) ── */
-function getMaxRarity(playerLevel) {
-  if (playerLevel < 10) return 2;
-  if (playerLevel < 20) return 3;
-  if (playerLevel < 30) return 4;
-  if (playerLevel < 40) return 5;
-  return 6;
-}
-
 /* ── Wächter-Namen pro Station ────────────────────────────── */
 const GUARD_NAMES = [
   "", "Torwächter",  "Waldläufer", "Steinbrecher",
diff --git a/utils/rarity.js b/utils/rarity.js
new file mode 100644
index 0000000..fb14693
--- /dev/null
+++ b/utils/rarity.js
@@ -0,0 +1,35 @@
+/* ============================================================
+   utils/rarity.js
+   Zentrale Rarity-Logik – wird überall per require eingebunden
+============================================================ */
+
+'use strict';
+
+/* ── Tabelle: ab welchem Level ist welche Rarity erlaubt ────
+   Einträge: { minLevel, maxRarity }
+   Wird von oben nach unten geprüft – erster passender Treffer gilt.
+────────────────────────────────────────────────────────────── */
+const RARITY_TABLE = [
+  { minLevel:  1, maxRarity: 2 },
+  { minLevel: 10, maxRarity: 3 },
+  { minLevel: 20, maxRarity: 4 },
+  { minLevel: 30, maxRarity: 5 },
+  { minLevel: 40, maxRarity: 6 },
+];
+
+/**
+ * Gibt die maximale erlaubte Rarity für ein Spielerlevel zurück.
+ * @param {number} playerLevel
+ * @returns {number} maxRarity
+ */
+function getMaxRarity(playerLevel) {
+  const level = Math.max(1, playerLevel || 1);
+  let result  = RARITY_TABLE[0].maxRarity;
+  for (const entry of RARITY_TABLE) {
+    if (level >= entry.minLevel) result = entry.maxRarity;
+    else break;
+  }
+  return result;
+}
+
+module.exports = { getMaxRarity, RARITY_TABLE };