I have a log in API that is supposed to throw error when an invalid user is entered instead it throws error

Question

@app.route('/login', methods=['POST'])
def login():
if request.method == 'POST':

    username = request.form['username']
    password = request.form['password']
    if not username:
        return jsonify({'message':'Missing username'}), 400

    if not password:
        return jsonify({'message': 'Missing password'}), 400
    registered_user = Users.get(
        Users.username == username)
    password_pass = check_password_hash(registered_user.password_harsh, password)
    
    if registered_user:

        if password_pass:
            access_token = create_access_token(identity=registered_user)
            return {"access_token": access_token}, 200

    return jsonify({'message':'Invalid Login Info'}), 400

return jsonify({'message':"Please provide an email and password"}), 400

i have a message that the error is supposed to return but I get an error. I have the setting to return jsonify({'message':'Invalid Login Info'}), 400 when user does not exist. Its a python flask app.

File "/Users/user/PythonProject/venv/lib/python3.8/site-packages/peewee.py", line 
6973, in get
    raise self.model.DoesNotExist('%s instance matching query does '
model.UsersDoesNotExist: <Model: Users> instance matching query does not exist:
SQL: SELECT `t1`.`id`, `t1`.`fullname`, `t1`.`username`, `t1`.`email`, 
`t1`.`password_harsh`, `t1`.`birthday`, `t1`.`gender` FROM `users` AS `t1` WHERE 
(`t1`.`username` = %s) LIMIT %s OFFSET %s
Params: ['kennyy', 1, 0]

Answer 1

Peewee documentation for Selecting a single record shows that it raises error when it can't find object.

So you should use try/except to catch it.

Something like this:

@app.route('/login', methods=['POST'])
def login():
    if request.method == 'POST':
    
        username = request.form['username']
        password = request.form['password']
        
        if not username:
            return jsonify({'message':'Missing username'}), 400
    
        if not password:
            return jsonify({'message': 'Missing password'}), 400
        
        try:
            registered_user = Users.get(Users.username == username)
        except peewee.DoesNotExist:
            return jsonify({'message':'Invalid Login Info'}), 400
            
        password_pass = check_password_hash(registered_user.password_harsh, password)
    
        if password_pass:
            access_token = create_access_token(identity=registered_user)
            return {"access_token": access_token}, 200

    return jsonify({'message':"Please provide an email and password"}), 400