From 420ab754675cdc1fac0962be749c2040134a0d45 Mon Sep 17 00:00:00 2001 From: Tom Butcher Date: Sat, 7 Mar 2026 20:32:36 +0000 Subject: [PATCH] Added user existence check in userRouteHandler to return 401 status if user is not found, enhancing authentication flow. --- src/services/misc/auth.js | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/services/misc/auth.js b/src/services/misc/auth.js index 99ef1db..0e25755 100644 --- a/src/services/misc/auth.js +++ b/src/services/misc/auth.js @@ -292,6 +292,10 @@ export const userRouteHandler = async (req, res) => { if (req.user) { const authHeader = req.headers.authorization || req.headers.Authorization; const token = authHeader?.startsWith('Bearer ') ? authHeader.substring(7) : null; + const user = await userModel.findOne({ _id: req.user._id }).lean(); + if (!user) { + return res.status(401).json({ error: 'User not found' }); + } return res.json({ access_token: token, expires_at: req.session?.expiresAt,