diff --git a/backend/app/auth.py b/backend/app/auth.py index dcf0d88..5f814d6 100644 --- a/backend/app/auth.py +++ b/backend/app/auth.py @@ -440,7 +440,9 @@ def purge_user(db: Session, user: User, background: BackgroundTasks) -> None: email = user.email.lower() user_id = user.id tok = user.token - google_token = (decrypt(tok.refresh_token_enc) or tok.access_token) if tok else None + # Both are stored encrypted — decrypt for the revoke call (the access-token fallback was passing + # ciphertext, so a token row with no refresh token silently failed to revoke). + google_token = (decrypt(tok.refresh_token_enc) or decrypt(tok.access_token)) if tok else None # Raw delete so Postgres applies ON DELETE CASCADE / SET NULL on every dependent table. db.execute(delete(User).where(User.id == user_id)) db.execute(delete(Invite).where(Invite.email == email))