Handle missing MFA user in Snooze auth flow

src/dispatch/plugins/dispatch_core/plugin.py

@@ -122,7 +122,7 @@ def get_current_user(self, request: Request, **kwargs):
                 data = jwt.decode(token, key, options=jwt_opts)
         except JWTError as err:
             log.debug("JWT Decode error: {}".format(err))
-            raise credentials_exception
+            raise credentials_exception from err
 
         # Support overriding where email is returned in the id token
         if DISPATCH_JWT_EMAIL_OVERRIDE:

src/dispatch/plugins/dispatch_slack/case/interactive.py

@@ -692,7 +692,7 @@ def _create_snooze_filter(
 
     # Check if last_mfa_time was within the last hour
     last_hour = datetime.now() - timedelta(hours=1)
-    if (user.last_mfa_time and user.last_mfa_time < last_hour) or mfa_enabled is False:
+    if (user.last_mfa_time and user.last_mfa_time > last_hour) or mfa_enabled is False:
         _create_snooze_filter(
             db_session=db_session,
             user=user,
@@ -726,11 +726,13 @@ def _create_snooze_filter(
             user.last_mfa_time = datetime.now()
             db_session.commit()
         else:
-            text = (
-                "Adding Snooze failed, the MFA request timed out."
-                if response == PushResponseResult.timeout
-                else "Adding Snooze failed, you must accept the MFA prompt."
-            )
+            if response == PushResponseResult.timeout:
+                text = "Adding Snooze failed, the MFA request timed out."
+            elif response == PushResponseResult.user_not_found:
+                text = "Adding Snooze failed, user not found in MFA provider."
+            else:
+                text = "Adding Snooze failed, you must accept the MFA prompt."
+
             modal = Modal(
                 title="Add Snooze",
                 close="Close",