diff --git a/uffd/session/views.py b/uffd/session/views.py
index 76a5d660c9fa362960e9b73f324433145670b94f..e5589ee438f9479cbf1ccf8ecd5f8e69c633831f 100644
--- a/uffd/session/views.py
+++ b/uffd/session/views.py
@@ -28,7 +28,7 @@ def set_request_user():
 	if datetime.datetime.now().timestamp() > session['logintime'] + current_app.config['SESSION_LIFETIME_SECONDS']:
 		return
 	user = User.query.get(session['user_dn'])
-	if not user.is_in_group(current_app.config['ACL_ACCESS_GROUP']):
+	if not user or not user.is_in_group(current_app.config['ACL_ACCESS_GROUP']):
 		return
 	request.user_pre_mfa = user
 	if session.get('user_mfa'):