diff --git a/server/routes/user.js b/server/routes/user.js
index 98c95a3c7..e27dfcdf8 100644
--- a/server/routes/user.js
+++ b/server/routes/user.js
@@ -246,6 +246,10 @@ router.post('/user/delete', async (req, res) => {
 });
 
 router.get('/user/social/:provider', async (req, res) => {
+ if (!req.session.grant || !req.session.grant.response || !req.session.grant.response.access_token || !socialLoginHandlers[req.params.provider]) {
+ return res.status(400).redirect('/' + config.user.route);
+ }
+
 const payload = socialLoginHandlers[req.params.provider](req.session.grant.response)
 
 const auth = await req.db.get(SQL`
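Review bot: The new guard only tests `socialLoginHandlers[req.params.provider]` for truthiness, so if `socialLoginHandlers` is a plain object (its definition is outside this hunk), a `:provider` value such as `constructor` or `toString` resolves to an inherited `Object.prototype` member, passes the check, and is then called with the grant response on the `const payload` line. Restrict the lookup to own, function-valued keys by replacing the last clause with `|| !Object.prototype.hasOwnProperty.call(socialLoginHandlers, req.params.provider) || typeof socialLoginHandlers[req.params.provider] !== 'function'`. Nothing visible here checks that the grant stored in the session was issued by the same provider as the one named in the URL, so it is worth confirming that a token from one provider cannot be fed to another provider's handler. Also, `res.status(400).redirect(...)` will not send a 400, because Express's `redirect` sets its own status (302 unless one is passed as the first argument). The route handler's body continues past the end of the hunk, so how `payload` is used afterwards is not visible.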