From 22ca522615a12ee4888fc0b2df59c269b9393d26 Mon Sep 17 00:00:00 2001 From: Brian Wiborg Date: Mon, 27 Oct 2025 11:03:12 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20Catch=20invalid=20user=20refresh?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/ohmyapi/builtin/auth/routes.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/ohmyapi/builtin/auth/routes.py b/src/ohmyapi/builtin/auth/routes.py index 855126f..0104a4e 100644 --- a/src/ohmyapi/builtin/auth/routes.py +++ b/src/ohmyapi/builtin/auth/routes.py @@ -6,6 +6,7 @@ from fastapi import APIRouter, Body, Depends, Header, HTTPException, Request, st from fastapi.security import OAuth2, OAuth2PasswordBearer, OAuth2PasswordRequestForm from fastapi.security.utils import get_authorization_scheme_param from pydantic import BaseModel +from tortoise.exceptions import DoesNotExist from ohmyapi.builtin.auth.models import Group, User @@ -214,7 +215,11 @@ async def refresh_token(refresh_token: TokenRefresh = Body(...)): ) user_id = payload.get("sub") - user = await User.get(id=user_id) + try: + user = await User.get(id=user_id) + except DoesNotExist: + raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED) + if not user: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="User not found"