From 62a50fbdaac1dd67d4851a0cb817cdcd4cccd682 Mon Sep 17 00:00:00 2001
From: Massimiliano <mbelletti@users.noreply.github.com>
Date: Sat, 17 Aug 2024 14:00:55 +0200
Subject: [PATCH] Retrieve action_token in safe mode (#909)

---
 py4web/utils/auth.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/py4web/utils/auth.py b/py4web/utils/auth.py
index 37d52ae7..0a04d932 100644
--- a/py4web/utils/auth.py
+++ b/py4web/utils/auth.py
@@ -665,11 +665,11 @@ def login(self, email, password):
         # then check for possible login blockers
         if not user:
             error = "invalid_credentials"
-        elif (user["action_token"] or "").startswith("pending-registration:"):
+        elif (user.get("action_token") or "").startswith("pending-registration:"):
             error = "registration_is_pending"
-        elif user["action_token"] == "account-blocked":
+        elif user.get("action_token") == "account-blocked":
             error = "account_is_blocked"
-        elif user["action_token"] == "pending-approval":
+        elif user.get("action_token") == "pending-approval":
             error = "account_needs_to_be_approved"
 
         # return the error or the user