From caf09ca2d0332bcb9ac37eb4b352296fd82f7d3b Mon Sep 17 00:00:00 2001
From: Julian Rother <julian@cccv.de>
Date: Tue, 7 Sep 2021 00:55:16 +0200
Subject: [PATCH] Handle if user referenced in session does not exist

This bug was introduced by 12b0ea3.
---
 uffd/session/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/uffd/session/views.py b/uffd/session/views.py
index 76a5d660..e5589ee4 100644
--- a/uffd/session/views.py
+++ b/uffd/session/views.py
@@ -28,7 +28,7 @@ def set_request_user():
 	if datetime.datetime.now().timestamp() > session['logintime'] + current_app.config['SESSION_LIFETIME_SECONDS']:
 		return
 	user = User.query.get(session['user_dn'])
-	if not user.is_in_group(current_app.config['ACL_ACCESS_GROUP']):
+	if not user or not user.is_in_group(current_app.config['ACL_ACCESS_GROUP']):
 		return
 	request.user_pre_mfa = user
 	if session.get('user_mfa'):
-- 
GitLab