fix(auth): null check before calling getId() in verifyEmail

smarcet · smarcet · commit 8337eea5923d · 2026-04-15T18:34:52.000-03:00
Split combined null/inactive check into separate guards to prevent
"Call to a member function getId() on null" when no user is found
for the verification token.
diff --git a/app/Services/Auth/UserService.php b/app/Services/Auth/UserService.php
@@ -225,7 +225,12 @@ public function verifyEmail(string $token): User
         return $this->tx_service->transaction(function () use ($token) {
             $user = $this->user_repository->getByVerificationEmailToken($token);
 
-            if (is_null($user) || !$user->isActive()) {
+            if (is_null($user)) {
+                Log::warning("UserService::verifyEmail no user found for token");
+                throw new EntityNotFoundException();
+            }
+
+            if (!$user->isActive()) {
                 Log::warning(sprintf("UserService::verifyEmail user with id %s is not active", $user->getId()));
                 throw new EntityNotFoundException();
             }
