fixed panic if loadfunc returns nil with no error

2026-01-24 15:17:19 +11:00
2 changed files with 8 additions and 1 deletions
--- a/hwsauth/authenticate.go
+++ b/hwsauth/authenticate.go
@@ -2,6 +2,7 @@ package hwsauth

 import (
 	"net/http"
+	"reflect"
 	"time"

 	"git.haelnorr.com/h/golib/jwt"
@@ -45,6 +46,9 @@ func (auth *Authenticator[T, TX]) getAuthenticatedUser(
 	if err != nil {
 		return authenticatedModel[T]{}, errors.Wrap(err, "auth.load")
 	}
+	if reflect.ValueOf(model).IsNil() {
+		return authenticatedModel[T]{}, errors.New("no user matching JWT in database")
+	}
 	authUser := authenticatedModel[T]{
 		model: model,
 		fresh: aT.Fresh,
--- a/hwsauth/refreshtokens.go
+++ b/hwsauth/refreshtokens.go
@@ -2,6 +2,7 @@ package hwsauth

 import (
 	"net/http"
+	"reflect"

 	"git.haelnorr.com/h/golib/jwt"
 	"github.com/pkg/errors"
@@ -18,7 +19,9 @@ func (auth *Authenticator[T, TX]) refreshAuthTokens(
 	if err != nil {
 		return getNil[T](), errors.Wrap(err, "auth.load")
 	}
-
+	if reflect.ValueOf(model).IsNil() {
+		return getNil[T](), errors.New("no user matching JWT in database")
+	}
 	rememberMe := map[string]bool{
 		"session": false,
 		"exp":     true,