check for deleted user on refresh

2026-02-11 05:35:25 +03:00 · 2024-05-12 09:51:24 -05:00 · 2024-05-12 09:51:24 -05:00 · 1284704293
commit 1284704293
parent 58ae223371
1 changed files with 5 additions and 0 deletions
--- a/frigate/api/auth.py
+++ b/frigate/api/auth.py
@ -183,6 +183,11 @@ def auth():
        # if the jwt cookie is expiring soon
        elif jwt_source == "cookie" and expiration - JWT_REFRESH <= current_time:
            logger.debug("jwt token expiring soon, refreshing cookie")
+            # ensure the user hasn't been deleted
+            try:
+                User.get_by_id(user).execute()
+            except DoesNotExist:
+                return fail_response
            new_expiration = current_time + JWT_SESSION_LENGTH
            new_encoded_jwt = create_encoded_jwt(
                user, new_expiration, current_app.jwt_token