From 7b6ad281687368db10f51c837dc81e3c6cecc806 Mon Sep 17 00:00:00 2001
From: Stefan Bethke <stb@lassitu.de>
Date: Thu, 29 May 2025 21:44:40 +0200
Subject: [PATCH] Handle no session yet properly

---
 hmdooris/__main__.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/hmdooris/__main__.py b/hmdooris/__main__.py
index ad50400..4346a76 100644
--- a/hmdooris/__main__.py
+++ b/hmdooris/__main__.py
@@ -93,7 +93,9 @@ def post_api_lock(id):
 @jinja2_view("not_authorized.html.j2")
 def not_authorized(error):
     code, msg = error.args
-    groups = request.session[auth.sess_attr]['groups'] if 'groups' in request.session[auth.sess_attr] else []
+    groups = []
+    if auth.sess_attr in request.session and 'groups' in request.session[auth.sess_attr]:
+        groups = request.session[auth.sess_attr]['groups']
     return {
         'user': auth.my_username,
         'ip': request.remote_addr,