From 0145ca02b022f38e5ed8b7719f8fa22509cce977 Mon Sep 17 00:00:00 2001
From: Lorenz Stechauner
Date: Thu, 1 May 2025 19:48:00 +0200
Subject: [PATCH] elwig-backend: Invalidate non-existend users
---
 src/elwig-backend | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/elwig-backend b/src/elwig-backend
index d01b31c..daccea5 100755
--- a/src/elwig-backend
+++ b/src/elwig-backend
@@ -20,7 +20,7 @@ import hashlib
 import hmac
-VERSION: str = '0.0.6'
+VERSION: str = '0.0.7'
 CNX: sqlite3.Cursor
 USER_FILE: str
@@ -227,7 +227,9 @@ class ElwigApi(BaseHTTPRequestHandler):
 raise UnauthorizedError('JWT token not yet valid')
 elif payload['iat'] < JWT_INVALIDATE_BEFORE:
 raise UnauthorizedError('Invalidated JWT token')
- elif payload['iat'] < JWT_USER_INVALIDATE_BEFORE.get(payload['sub'], 0):
+ elif payload['sub'] not in JWT_USER_INVALIDATE_BEFORE:
+ raise UnauthorizedError('Invalidated JWT token')
+ elif payload['iat'] < JWT_USER_INVALIDATE_BEFORE[payload['sub']]:
 raise UnauthorizedError('Invalidated JWT token')
 return payload['sub'], payload['rol']
 except Exception:
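Review bot: The new `payload['sub'] not in JWT_USER_INVALIDATE_BEFORE` branch in the second hunk turns that dict into the authoritative set of existing users, but nothing in the hunk shows that every account gets an entry when the user file is loaded or that the entry is dropped when an account is removed. If the dict is only filled when a user is explicitly invalidated, this check rejects every other valid token, and if it is not pruned on deletion a removed user's token keeps working, so the load path (outside this hunk) should be confirmed to rebuild it in full. A comment above the branch would record the invariant, e.g. `# every existing user has an entry here; a missing key means the account is gone`. Note also that `payload['rol']` is still returned from the token, so a role change presumably has to bump the user's entry to take effect before the token expires. The enclosing method begins before the hunk and the body of the `except Exception:` handler is cut off after it.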