Skip to content

Fix/deleted user 500 error#785

Merged
seapagan merged 3 commits intomainfrom
fix/deleted-user-500-error
Dec 24, 2025
Merged

Fix/deleted user 500 error#785
seapagan merged 3 commits intomainfrom
fix/deleted-user-500-error

Conversation

@seapagan
Copy link
Owner

@seapagan seapagan commented Dec 24, 2025

This pull request improves authentication error handling for deleted users and enhances test coverage for these scenarios. It also makes minor documentation and formatting updates. The most important changes are as follows:

Authentication Error Handling Improvements:

  • Updated app/managers/api_key.py so that if an API key is used for a user who has been deleted, authentication now raises a 401 Unauthorized error with an appropriate message instead of returning a generic error.
  • Updated app/managers/auth.py to ensure that if a JWT is presented for a deleted user, authentication fails with a 401 Unauthorized error and a clear message.

Test Coverage Enhancements:

  • Added a test in tests/unit/test_api_key_auth.py to verify that using an API key for a deleted user results in a 401 Unauthorized error with the correct error message.
  • Added a test in tests/unit/test_jwt_auth.py to verify that using a JWT for a deleted user results in a 401 Unauthorized error with the correct error message.

Documentation and Formatting:

  • Updated SECURITY.md to indicate support for version >=0.7.0 instead of >=0.7.1.
  • Removed a resolved bug from TODO.md and made minor formatting improvements in the CLI section. [1] [2]

@seapagan
Fix 500 error when deleted user attempts authentication
57b2463 
- Split user existence check from banned/verified checks in get_jwt_user()
- Prevents AttributeError when trying to access properties on None user
- Add proper validation for deleted users in API key authentication
- Now returns 401 Unauthorized instead of 500 Internal Server Error
- Fixes issue where valid tokens from deleted users caused server crashes
@seapagan
Add tests for API key and JWT authentication with deleted users
194d812 
Signed-off-by: Grant Ramsay <seapagan@gmail.com>
@seapagan
Fix version support in SECURITY.md and remove 500 error note from TOD…
e2595f6 
…O.md

Signed-off-by: Grant Ramsay <seapagan@gmail.com>
@seapagan seapagan self-assigned this Dec 24, 2025
@seapagan seapagan added the bug Something isn't working label Dec 24, 2025
@codacy-production
Copy link

codacy-production bot commented Dec 24, 2025

Coverage summary from Codacy

See diff coverage on Codacy

Coverage variation Diff coverage
-0.19% (target: -1.00%) 100.00%
Coverage variation details
Coverable lines Covered lines Coverage
Common ancestor commit (1f5b09b) 1541 1541 100.00%
Head commit (e2595f6) 1547 (+6) 1544 (+3) 99.81% (-0.19%)

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details
Coverable lines Covered lines Diff coverage
Pull request (#785) 7 7 100.00%

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%

See your quality gate settings    Change summary preferences

1 similar comment
@codacy-production
Copy link

codacy-production bot commented Dec 24, 2025

Coverage summary from Codacy

See diff coverage on Codacy

Coverage variation Diff coverage
-0.19% (target: -1.00%) 100.00%
Coverage variation details
Coverable lines Covered lines Coverage
Common ancestor commit (1f5b09b) 1541 1541 100.00%
Head commit (e2595f6) 1547 (+6) 1544 (+3) 99.81% (-0.19%)

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details
Coverable lines Covered lines Diff coverage
Pull request (#785) 7 7 100.00%

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%

See your quality gate settings    Change summary preferences

@seapagan seapagan marked this pull request as ready for review December 24, 2025 13:25
@seapagan seapagan merged commit 908a821 into main Dec 24, 2025
17 checks passed
@seapagan seapagan deleted the fix/deleted-user-500-error branch December 24, 2025 13:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@seapagan seapagan

Labels

bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@seapagan