From dd6ccd19b19daae01a35b1215293203b89f7cc97 Mon Sep 17 00:00:00 2001 From: Andrey Chervyakov Date: Thu, 25 Feb 2021 02:07:16 +0600 Subject: [PATCH] Add check for non-existing user in auth user middleware --- app/auth/middleware.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/app/auth/middleware.py b/app/auth/middleware.py index 51ccd80..c11694d 100644 --- a/app/auth/middleware.py +++ b/app/auth/middleware.py @@ -12,6 +12,10 @@ def get_auth_user(auth: HTTPAuthorizationCredentials = Depends(HTTPBearer()), db try: decoded_token = verify_token(auth.credentials) auth_user = get_user_by_id(db, int(decoded_token["sub"])) + + if auth_user is None: + raise HTTPException(status_code=401) + return auth_user except JWTError: - raise HTTPException(status_code=403, detail="Invalid token") + raise HTTPException(status_code=401, detail="Invalid token")