Merge pull request #21 from raboof/auth-error-handling

JulienMalka · Mar 2, 2024 · 38f35d3 · 38f35d3
2 parents 878c6cb + fb1f0bf
commit 38f35d3
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/web/__init__.py b/web/__init__.py
@@ -85,6 +85,9 @@ def record_attestation(
     db: Session = Depends(get_db),
 ):
     user = crud.get_user_with_token(db, token)
+    if user == None:
+        raise HTTPException(status_code=401, detail="User not found")
+
     crud.create_attestation(db, drv_hash, output_sha256_map, user)
     return {
         "Attestation accepted"

diff --git a/web/crud.py b/web/crud.py
@@ -29,5 +29,7 @@ def create_attestation(db: Session, drv_hash: str, output_hash_map: list[schemas
 
 
 def get_user_with_token(db: Session, token_val: str):
-    token = db.query(models.Token).filter_by(value=token_val).one()
+    token = db.query(models.Token).filter_by(value=token_val).one_or_none()
+    if token is None:
+        return None
     return token.user_id