From 5c14d56cbcebfcf9f04552cf19b0661ad9221a5f Mon Sep 17 00:00:00 2001
From: PrivateBasicsApp <privatebasicsapp@proton.me>
Date: Sun, 19 Apr 2026 20:36:49 +0000
Subject: [PATCH] Reject signup for existing users in FastAPI

---
 etebase_server/fastapi/routers/authentication.py | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/etebase_server/fastapi/routers/authentication.py b/etebase_server/fastapi/routers/authentication.py
index 533b0eb..523264e 100644
--- a/etebase_server/fastapi/routers/authentication.py
+++ b/etebase_server/fastapi/routers/authentication.py
@@ -231,7 +231,8 @@ def signup_save(data: SignupIn, request: Request) -> UserType:
     with transaction.atomic():
         try:
             user_queryset = get_user_queryset(User.objects.all(), CallbackContext(request.path_params))
-            instance = user_queryset.get(**{User.USERNAME_FIELD: user_data.username.lower()})
+            user_queryset.get(**{User.USERNAME_FIELD: user_data.username.lower()})
+            raise HttpError("user_exists", "User already exists", status_code=status.HTTP_409_CONFLICT)
         except User.DoesNotExist:
             # Create the user and save the casing the user chose as the first name
             try:
@@ -249,9 +250,6 @@ def signup_save(data: SignupIn, request: Request) -> UserType:
             except Exception as e:
                 raise HttpError("generic", str(e))
 
-        if hasattr(instance, "userinfo"):
-            raise HttpError("user_exists", "User already exists", status_code=status.HTTP_409_CONFLICT)
-
         models.UserInfo.objects.create(**data.dict(exclude={"user"}), owner=instance)
     return instance