diff --git a/src/services/misc/auth.js b/src/services/misc/auth.js
index 99ef1db..0e25755 100644
--- a/src/services/misc/auth.js
+++ b/src/services/misc/auth.js
@@ -292,6 +292,10 @@ export const userRouteHandler = async (req, res) => {
   if (req.user) {
     const authHeader = req.headers.authorization || req.headers.Authorization;
     const token = authHeader?.startsWith('Bearer ') ? authHeader.substring(7) : null;
+    const user = await userModel.findOne({ _id: req.user._id }).lean();
+    if (!user) {
+      return res.status(401).json({ error: 'User not found' });
+    }
     return res.json({
       access_token: token,
       expires_at: req.session?.expiresAt,