From 670aa582df99e87fca7c247b949baf452e8c234f Mon Sep 17 00:00:00 2001
From: giles <giles.bradshaw@sigyl.com>
Date: Tue, 24 Feb 2026 23:03:40 +0000
Subject: [PATCH] Guard user.email access in fragment middleware

Handle case where email is None for pre-existing sessions.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 app/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/__init__.py b/app/__init__.py
index 60adf42..408983b 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -170,7 +170,7 @@ def create_app() -> FastAPI:
         from artdag_common.fragments import fetch_fragments as _fetch_frags
 
         user = get_user_from_cookie(request)
-        auth_params = {"email": user.email} if user else {}
+        auth_params = {"email": user.email} if user and user.email else {}
         nav_params = {"app_name": "artdag", "path": path}
 
         try: