Add token validation checks

Clinical-Genomics · Oct 9, 2024 · 67b70d4 · 67b70d4
1 parent 677f18a
commit 67b70d4
Showing 1 changed file with 15 additions and 0 deletions.
diff --git a/genotype_api/security.py b/genotype_api/security.py
@@ -68,6 +68,21 @@ async def get_active_user(
     store: Store = Depends(get_store),
 ) -> CurrentUser:
     """Dependency for secure endpoints"""
+
+    if token_info is None or not isinstance(token_info, dict):
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Invalid or expired token",
+        )
+
+    # Now check for the presence of "payload" and "email" safely
+    payload = token_info.get("payload")
+    if not payload or "email" not in payload:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Invalid or expired token",
+        )
+
     user_email = token_info["payload"]["email"]
     db_user: User = await store.get_user_by_email(email=user_email)
     if not db_user: