Fix error messaging for edge case with current_user

Author: Landon Gilbert-Bland

flask_jwt_extended/utils.py

@@ -22,7 +22,7 @@ def get_jwt():
     decoded_jwt = getattr(_request_ctx_stack.top, "jwt", None)
     if decoded_jwt is None:
         raise RuntimeError(
-            "You must call `@jwt_required()` or `verify_jwt_in_request` "
+            "You must call `@jwt_required()` or `verify_jwt_in_request()` "
             "before using this method"
         )
     return decoded_jwt
@@ -40,7 +40,7 @@ def get_jwt_header():
     decoded_header = getattr(_request_ctx_stack.top, "jwt_header", None)
     if decoded_header is None:
         raise RuntimeError(
-            "You must call `@jwt_required()` or `verify_jwt_in_request` "
+            "You must call `@jwt_required()` or `verify_jwt_in_request()` "
             "before using this method"
         )
     return decoded_header
@@ -87,6 +87,7 @@ def get_current_user():
     :return:
         The current user object for the JWT in the current request
     """
+    get_jwt()  # Raise an error if not in a decorated context
     jwt_user_dict = getattr(_request_ctx_stack.top, "jwt_user", None)
     if jwt_user_dict is None:
         raise RuntimeError(

tests/test_user_lookup.py

@@ -20,16 +20,32 @@ def app():
     @app.route("/get_user1", methods=["GET"])
     @jwt_required()
     def get_user1():
-        return jsonify(foo=get_current_user()["username"])
+        try:
+            return jsonify(foo=get_current_user()["username"])
+        except RuntimeError as e:
+            return jsonify(error=str(e))
 
     @app.route("/get_user2", methods=["GET"])
     @jwt_required()
     def get_user2():
-        return jsonify(foo=current_user["username"])
+        try:
+            return jsonify(foo=current_user["username"])
+        except RuntimeError as e:
+            return jsonify(error=str(e))
 
     return app
 
 
+@pytest.mark.parametrize("url", ["/get_user1", "/get_user2"])
+def test_no_user_lookup_loader_specified(app, url):
+    test_client = app.test_client()
+    with app.test_request_context():
+        access_token = create_access_token("username")
+
+    response = test_client.get(url, headers=make_headers(access_token))
+    assert "@jwt.user_lookup_loader" in response.get_json()["error"]
+
+
 @pytest.mark.parametrize("url", ["/get_user1", "/get_user2"])
 def test_load_valid_user(app, url):
     jwt = get_jwt_manager(app)