fix: email check

lnbits/core/crud/users.py

@@ -94,6 +94,8 @@ async def get_accounts(
 async def get_account(
     user_id: str, conn: Optional[Connection] = None
 ) -> Optional[Account]:
+    if len(user_id) == 0:
+        return None
     return await (conn or db).fetchone(
         "SELECT * FROM accounts WHERE id = :id",
         {"id": user_id},
@@ -123,6 +125,8 @@ async def delete_accounts_no_wallets(
 async def get_account_by_username(
     username: str, conn: Optional[Connection] = None
 ) -> Optional[Account]:
+    if len(username) == 0:
+        return None
     return await (conn or db).fetchone(
         "SELECT * FROM accounts WHERE username = :username",
         {"username": username},
@@ -143,6 +147,8 @@ async def get_account_by_pubkey(
 async def get_account_by_email(
     email: str, conn: Optional[Connection] = None
 ) -> Optional[Account]:
+    if len(email) == 0:
+        return None
     return await (conn or db).fetchone(
         "SELECT * FROM accounts WHERE email = :email",
         {"email": email},

lnbits/decorators.py

@@ -303,11 +303,11 @@ async def _get_account_from_jwt_payload(
     payload: AccessTokenPayload, path: str, method: str
 ) -> Optional[Account]:
     account = None
-    if payload.sub is not None:
+    if payload.sub:
         account = await get_account_by_username(payload.sub)
-    if payload.usr is not None:
+    elif payload.usr:
         account = await get_account(payload.usr)
-    if payload.email is not None:
+    elif payload.email:
         account = await get_account_by_email(payload.email)
 
     if not account: