archive/id-py
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Add check for non-existing user in auth user middleware

Browse source
This commit is contained in:
Andrey Chervyakov 2021-02-25 02:07:16 +06:00
parent 49bc902bb9
commit dd6ccd19b1
1 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
app/auth/middleware.py
View file

@ -12,6 +12,10 @@ def get_auth_user(auth: HTTPAuthorizationCredentials = Depends(HTTPBearer()), db
try: try:
decoded_token = verify_token(auth.credentials) decoded_token = verify_token(auth.credentials)
auth_user = get_user_by_id(db, int(decoded_token["sub"])) auth_user = get_user_by_id(db, int(decoded_token["sub"]))
if auth_user is None:
raise HTTPException(status_code=401)
return auth_user return auth_user
except JWTError: except JWTError:
raise HTTPException(status_code=403, detail="Invalid token") raise HTTPException(status_code=401, detail="Invalid token")