From 983c3753063666634c6482126d2a1a9e5ce437aa Mon Sep 17 00:00:00 2001
From: Chris Breeden <chris_breeden@discovery.com>
Date: Fri, 17 Nov 2023 10:25:49 -0800
Subject: [PATCH] add clarifying comment about deleted users

---
 backend/lambdas/api/authorizer/authorizer/handlers.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/backend/lambdas/api/authorizer/authorizer/handlers.py b/backend/lambdas/api/authorizer/authorizer/handlers.py
index db100f3f..8cd41aad 100644
--- a/backend/lambdas/api/authorizer/authorizer/handlers.py
+++ b/backend/lambdas/api/authorizer/authorizer/handlers.py
@@ -181,6 +181,7 @@ def _get_update_or_create_user(email: str) -> User:
     user = _get_user(email)
 
     # If user is soft-deleted, return None so that auth fails
+    # this should never occur in practice because user email is modified with a suffix of "_DELETED_{timestamp}" at deletion, but it is ok to retain this check
     if user and user.deleted:
         return None