Skip to content

core: return bad request when user is authenticated and not active#19706

Merged
BeryJu merged 1 commit intomainfrom
core/fix-assertionerror
Jan 23, 2026
Merged

core: return bad request when user is authenticated and not active#19706
BeryJu merged 1 commit intomainfrom
core/fix-assertionerror

Conversation

@BeryJu
Copy link
Member

@BeryJu BeryJu commented Jan 23, 2026

Added with #15719

We added an assertionerror because we assumed no one should be able to get into this state, however when a logged in user is deactivated while logged in this happens.

@BeryJu
core: return bad request when user is authenticated and not active
e3fe0e8 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu BeryJu requested a review from a team as a code owner January 23, 2026 17:14
@codecov
Copy link

codecov bot commented Jan 23, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 75.00000% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 93.22%. Comparing base (30ad2b7) to head (e3fe0e8).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
authentik/core/middleware.py 75.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #19706      +/-   ##
==========================================
- Coverage   93.27%   93.22%   -0.05%     
==========================================
  Files         949      949              
  Lines       52187    52189       +2     
==========================================
- Hits        48677    48654      -23     
- Misses       3510     3535      +25
Flag Coverage Δ
conformance 38.25% <75.00%> (+<0.01%) ⬆️
e2e 44.11% <75.00%> (+<0.01%) ⬆️
integration 23.14% <50.00%> (-0.06%) ⬇️
unit 91.51% <75.00%> (-0.01%) ⬇️
unit-migrate 91.54% <75.00%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@github-actions
Copy link
Contributor

github-actions bot commented Jan 23, 2026

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-e3fe0e8edc464f8b3966e4542bfb2c53cacb5075
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-e3fe0e8edc464f8b3966e4542bfb2c53cacb5075

Afterwards, run the upgrade commands from the latest release notes.

@BeryJu BeryJu merged commit 7c9b72e into main Jan 23, 2026
96 of 101 checks passed
@BeryJu BeryJu deleted the core/fix-assertionerror branch January 23, 2026 19:48
@BeryJu BeryJu added area:backend backport/version-2025.10 Add this label to PRs to backport changes to version-2025.10 backport/version-2025.12 Add this label to PRs to backport changes to version-2025.12 labels Jan 23, 2026
authentik-automation bot pushed a commit that referenced this pull request Jan 23, 2026
@BeryJu @authentik-automation
core: return bad request when user is authenticated and not active (#…
0cf9767 
…19706)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@authentik-automation authentik-automation bot mentioned this pull request Jan 23, 2026
Merged
@authentik-automation
Copy link
Contributor

authentik-automation bot commented Jan 23, 2026

🍒 Cherry-pick to version-2025.10 created: #19709

authentik-automation bot pushed a commit that referenced this pull request Jan 23, 2026
@BeryJu @authentik-automation
core: return bad request when user is authenticated and not active (#…
379643c 
…19706)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@authentik-automation authentik-automation bot mentioned this pull request Jan 23, 2026
Merged
@authentik-automation
Copy link
Contributor

authentik-automation bot commented Jan 23, 2026

🍒 Cherry-pick to version-2025.12 created: #19710

@authentik-automation
Copy link
Contributor

authentik-automation bot commented Jan 23, 2026

Cherry-pick to version-2025.12 already exists: #19710

BeryJu added a commit that referenced this pull request Jan 23, 2026
@authentik-automation @BeryJu
core: return bad request when user is authenticated and not active (c…
f758ed2 
…herry-pick #19706 to version-2025.10) (#19709)

core: return bad request when user is authenticated and not active (#19706)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
BeryJu added a commit that referenced this pull request Jan 23, 2026
@authentik-automation @BeryJu
core: return bad request when user is authenticated and not active (c…
f6a5ddd 
…herry-pick #19706 to version-2025.12) (#19710)

core: return bad request when user is authenticated and not active (#19706)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
kensternberg-authentik added a commit that referenced this pull request Jan 31, 2026
@kensternberg-authentik
Merge branch 'main' into dev
50bb59b 
* main:
  endpoints: FleetDM connector (#18589)
  web/admin: fix impersonation form requesting data without being opened (#19673)
  core: return bad request when user is authenticated and not active (#19706)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area:backend backport/version-2025.10 Add this label to PRs to backport changes to version-2025.10 backport/version-2025.12 Add this label to PRs to backport changes to version-2025.12

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@BeryJu