diff --git a/server/src/api/comment.rs b/server/src/api/comment.rs
index 7dfce473..a18ba762 100644
--- a/server/src/api/comment.rs
+++ b/server/src/api/comment.rs
@@ -1,5 +1,5 @@
 use crate::{
-  api::{claims::Claims, is_mod_or_admin, APIError, Oper, Perform},
+  api::{get_user_from_jwt, get_user_from_jwt_opt, is_mod_or_admin, APIError, Oper, Perform},
   apub::{ApubLikeableType, ApubObjectType},
   blocking,
   websocket::{
@@ -123,13 +123,7 @@ impl Perform for Oper<CreateComment> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<CommentResponse, LemmyError> {
     let data: &CreateComment = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let content_slurs_removed = remove_slurs(&data.content.to_owned());
 
@@ -137,7 +131,7 @@ impl Perform for Oper<CreateComment> {
       content: content_slurs_removed,
       parent_id: data.parent_id.to_owned(),
       post_id: data.post_id,
-      creator_id: user_id,
+      creator_id: user.id,
       removed: None,
       deleted: None,
       read: None,
@@ -152,18 +146,13 @@ impl Perform for Oper<CreateComment> {
     let post = blocking(pool, move |conn| Post::read(conn, post_id)).await??;
 
     let community_id = post.community_id;
+    let user_id = user.id;
     let is_banned =
       move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
     if blocking(pool, is_banned).await? {
       return Err(APIError::err("community_ban").into());
     }
 
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(&conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     // Check if post is locked, no new comments
     if post.locked {
       return Err(APIError::err("locked").into());
@@ -251,26 +240,15 @@ impl Perform for Oper<EditComment> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<CommentResponse, LemmyError> {
     let data: &EditComment = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let edit_id = data.edit_id;
     let orig_comment =
       blocking(pool, move |conn| CommentView::read(&conn, edit_id, None)).await??;
 
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     // Check for a community ban
     let community_id = orig_comment.community_id;
+    let user_id = user.id;
     let is_banned =
       move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
     if blocking(pool, is_banned).await? {
@@ -278,7 +256,7 @@ impl Perform for Oper<EditComment> {
     }
 
     // Verify that only the creator can edit
-    if user_id != orig_comment.creator_id {
+    if user.id != orig_comment.creator_id {
       return Err(APIError::err("no_comment_edit_allowed").into());
     }
 
@@ -346,26 +324,15 @@ impl Perform for Oper<DeleteComment> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<CommentResponse, LemmyError> {
     let data: &DeleteComment = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let edit_id = data.edit_id;
     let orig_comment =
       blocking(pool, move |conn| CommentView::read(&conn, edit_id, None)).await??;
 
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     // Check for a community ban
     let community_id = orig_comment.community_id;
+    let user_id = user.id;
     let is_banned =
       move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
     if blocking(pool, is_banned).await? {
@@ -445,26 +412,15 @@ impl Perform for Oper<RemoveComment> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<CommentResponse, LemmyError> {
     let data: &RemoveComment = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let edit_id = data.edit_id;
     let orig_comment =
       blocking(pool, move |conn| CommentView::read(&conn, edit_id, None)).await??;
 
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     // Check for a community ban
     let community_id = orig_comment.community_id;
+    let user_id = user.id;
     let is_banned =
       move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
     if blocking(pool, is_banned).await? {
@@ -551,26 +507,15 @@ impl Perform for Oper<MarkCommentAsRead> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<CommentResponse, LemmyError> {
     let data: &MarkCommentAsRead = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let edit_id = data.edit_id;
     let orig_comment =
       blocking(pool, move |conn| CommentView::read(&conn, edit_id, None)).await??;
 
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     // Check for a community ban
     let community_id = orig_comment.community_id;
+    let user_id = user.id;
     let is_banned =
       move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
     if blocking(pool, is_banned).await? {
@@ -591,7 +536,7 @@ impl Perform for Oper<MarkCommentAsRead> {
       None => {
         let parent_post_id = orig_comment.post_id;
         let parent_post = blocking(pool, move |conn| Post::read(conn, parent_post_id)).await??;
-        if user_id != parent_post.creator_id {
+        if user.id != parent_post.creator_id {
           return Err(APIError::err("no_comment_edit_allowed").into());
         }
       }
@@ -631,17 +576,11 @@ impl Perform for Oper<SaveComment> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<CommentResponse, LemmyError> {
     let data: &SaveComment = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let comment_saved_form = CommentSavedForm {
       comment_id: data.comment_id,
-      user_id,
+      user_id: user.id,
     };
 
     if data.save {
@@ -657,6 +596,7 @@ impl Perform for Oper<SaveComment> {
     }
 
     let comment_id = data.comment_id;
+    let user_id = user.id;
     let comment_view = blocking(pool, move |conn| {
       CommentView::read(conn, comment_id, Some(user_id))
     })
@@ -680,13 +620,7 @@ impl Perform for Oper<CreateCommentLike> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<CommentResponse, LemmyError> {
     let data: &CreateCommentLike = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let mut recipient_ids = Vec::new();
 
@@ -706,18 +640,13 @@ impl Perform for Oper<CreateCommentLike> {
     let post_id = orig_comment.post_id;
     let post = blocking(pool, move |conn| Post::read(conn, post_id)).await??;
     let community_id = post.community_id;
+    let user_id = user.id;
     let is_banned =
       move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
     if blocking(pool, is_banned).await? {
       return Err(APIError::err("community_ban").into());
     }
 
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     let comment_id = data.comment_id;
     let comment = blocking(pool, move |conn| Comment::read(conn, comment_id)).await??;
 
@@ -806,19 +735,8 @@ impl Perform for Oper<GetComments> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<GetCommentsResponse, LemmyError> {
     let data: &GetComments = &self.data;
-
-    let user_claims: Option<Claims> = match &data.auth {
-      Some(auth) => match Claims::decode(&auth) {
-        Ok(claims) => Some(claims.claims),
-        Err(_e) => None,
-      },
-      None => None,
-    };
-
-    let user_id = match &user_claims {
-      Some(claims) => Some(claims.id),
-      None => None,
-    };
+    let user = get_user_from_jwt_opt(&data.auth, pool).await?;
+    let user_id = user.map(|u| u.id);
 
     let type_ = ListingType::from_str(&data.type_)?;
     let sort = SortType::from_str(&data.sort)?;
diff --git a/server/src/api/community.rs b/server/src/api/community.rs
index e4a8b6e8..beb51f1b 100644
--- a/server/src/api/community.rs
+++ b/server/src/api/community.rs
@@ -1,6 +1,6 @@
 use super::*;
 use crate::{
-  api::{claims::Claims, is_admin, is_mod_or_admin, APIError, Oper, Perform},
+  api::{is_admin, is_mod_or_admin, APIError, Oper, Perform},
   apub::ActorType,
   blocking,
   websocket::{
@@ -154,17 +154,8 @@ impl Perform for Oper<GetCommunity> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<GetCommunityResponse, LemmyError> {
     let data: &GetCommunity = &self.data;
-
-    let user_id: Option<i32> = match &data.auth {
-      Some(auth) => match Claims::decode(&auth) {
-        Ok(claims) => {
-          let user_id = claims.claims.id;
-          Some(user_id)
-        }
-        Err(_e) => None,
-      },
-      None => None,
-    };
+    let user = get_user_from_jwt_opt(&data.auth, pool).await?;
+    let user_id = user.map(|u| u.id);
 
     let name = data.name.to_owned().unwrap_or_else(|| "main".to_string());
     let community = match data.id {
@@ -234,11 +225,7 @@ impl Perform for Oper<CreateCommunity> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<CommunityResponse, LemmyError> {
     let data: &CreateCommunity = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     if let Err(slurs) = slur_check(&data.name) {
       return Err(APIError::err(&slurs_vec_to_str(slurs)).into());
@@ -258,14 +245,6 @@ impl Perform for Oper<CreateCommunity> {
       return Err(APIError::err("invalid_community_name").into());
     }
 
-    let user_id = claims.id;
-
-    // Check for a site ban
-    let user_view = blocking(pool, move |conn| UserView::read(conn, user_id)).await??;
-    if user_view.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     // Double check for duplicate community actor_ids
     let actor_id = make_apub_endpoint(EndpointType::Community, &data.name).to_string();
     let actor_id_cloned = actor_id.to_owned();
@@ -285,7 +264,7 @@ impl Perform for Oper<CreateCommunity> {
       title: data.title.to_owned(),
       description: data.description.to_owned(),
       category_id: data.category_id,
-      creator_id: user_id,
+      creator_id: user.id,
       removed: None,
       deleted: None,
       nsfw: data.nsfw,
@@ -306,7 +285,7 @@ impl Perform for Oper<CreateCommunity> {
 
     let community_moderator_form = CommunityModeratorForm {
       community_id: inserted_community.id,
-      user_id,
+      user_id: user.id,
     };
 
     let join = move |conn: &'_ _| CommunityModerator::join(conn, &community_moderator_form);
@@ -316,7 +295,7 @@ impl Perform for Oper<CreateCommunity> {
 
     let community_follower_form = CommunityFollowerForm {
       community_id: inserted_community.id,
-      user_id,
+      user_id: user.id,
     };
 
     let follow = move |conn: &'_ _| CommunityFollower::follow(conn, &community_follower_form);
@@ -324,6 +303,7 @@ impl Perform for Oper<CreateCommunity> {
       return Err(APIError::err("community_follower_already_exists").into());
     }
 
+    let user_id = user.id;
     let community_view = blocking(pool, move |conn| {
       CommunityView::read(conn, inserted_community.id, Some(user_id))
     })
@@ -345,6 +325,7 @@ impl Perform for Oper<EditCommunity> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<CommunityResponse, LemmyError> {
     let data: &EditCommunity = &self.data;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     if let Err(slurs) = slur_check(&data.title) {
       return Err(APIError::err(&slurs_vec_to_str(slurs)).into());
@@ -356,19 +337,6 @@ impl Perform for Oper<EditCommunity> {
       }
     }
 
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
-
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     // Verify its a mod (only mods can edit it)
     let edit_id = data.edit_id;
     let mods: Vec<i32> = blocking(pool, move |conn| {
@@ -376,7 +344,7 @@ impl Perform for Oper<EditCommunity> {
         .map(|v| v.into_iter().map(|m| m.user_id).collect())
     })
     .await??;
-    if !mods.contains(&user_id) {
+    if !mods.contains(&user.id) {
       return Err(APIError::err("not_a_moderator").into());
     }
 
@@ -415,6 +383,7 @@ impl Perform for Oper<EditCommunity> {
     // process for communities and users
 
     let edit_id = data.edit_id;
+    let user_id = user.id;
     let community_view = blocking(pool, move |conn| {
       CommunityView::read(conn, edit_id, Some(user_id))
     })
@@ -440,24 +409,12 @@ impl Perform for Oper<DeleteCommunity> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<CommunityResponse, LemmyError> {
     let data: &DeleteCommunity = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
-
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     // Verify its the creator (only a creator can delete the community)
     let edit_id = data.edit_id;
     let read_community = blocking(pool, move |conn| Community::read(conn, edit_id)).await??;
-    if read_community.creator_id != user_id {
+    if read_community.creator_id != user.id {
       return Err(APIError::err("no_community_edit_allowed").into());
     }
 
@@ -485,6 +442,7 @@ impl Perform for Oper<DeleteCommunity> {
     }
 
     let edit_id = data.edit_id;
+    let user_id = user.id;
     let community_view = blocking(pool, move |conn| {
       CommunityView::read(conn, edit_id, Some(user_id))
     })
@@ -510,22 +468,10 @@ impl Perform for Oper<RemoveCommunity> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<CommunityResponse, LemmyError> {
     let data: &RemoveCommunity = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
-
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     // Verify its an admin (only an admin can remove a community)
-    is_admin(pool, user_id).await?;
+    is_admin(pool, user.id).await?;
 
     // Do the remove
     let edit_id = data.edit_id;
@@ -545,7 +491,7 @@ impl Perform for Oper<RemoveCommunity> {
       None => None,
     };
     let form = ModRemoveCommunityForm {
-      mod_user_id: user_id,
+      mod_user_id: user.id,
       community_id: data.edit_id,
       removed: Some(removed),
       reason: data.reason.to_owned(),
@@ -565,6 +511,7 @@ impl Perform for Oper<RemoveCommunity> {
     }
 
     let edit_id = data.edit_id;
+    let user_id = user.id;
     let community_view = blocking(pool, move |conn| {
       CommunityView::read(conn, edit_id, Some(user_id))
     })
@@ -590,19 +537,7 @@ impl Perform for Oper<ListCommunities> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<ListCommunitiesResponse, LemmyError> {
     let data: &ListCommunities = &self.data;
-
-    // For logged in users, you need to get back subscribed, and settings
-    let user: Option<User_> = match &data.auth {
-      Some(auth) => match Claims::decode(&auth) {
-        Ok(claims) => {
-          let user_id = claims.claims.id;
-          let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-          Some(user)
-        }
-        Err(_e) => None,
-      },
-      None => None,
-    };
+    let user = get_user_from_jwt_opt(&data.auth, pool).await?;
 
     let user_id = match &user {
       Some(user) => Some(user.id),
@@ -644,19 +579,13 @@ impl Perform for Oper<FollowCommunity> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<CommunityResponse, LemmyError> {
     let data: &FollowCommunity = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let community_id = data.community_id;
     let community = blocking(pool, move |conn| Community::read(conn, community_id)).await??;
     let community_follower_form = CommunityFollowerForm {
       community_id: data.community_id,
-      user_id,
+      user_id: user.id,
     };
 
     if community.local {
@@ -672,29 +601,25 @@ impl Perform for Oper<FollowCommunity> {
           return Err(APIError::err("community_follower_already_exists").into());
         }
       }
+    } else if data.follow {
+      // Dont actually add to the community followers here, because you need
+      // to wait for the accept
+      user
+        .send_follow(&community.actor_id, &self.client, pool)
+        .await?;
     } else {
-      let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-
-      if data.follow {
-        // Dont actually add to the community followers here, because you need
-        // to wait for the accept
-        user
-          .send_follow(&community.actor_id, &self.client, pool)
-          .await?;
-      } else {
-        user
-          .send_unfollow(&community.actor_id, &self.client, pool)
-          .await?;
-        let unfollow =
-          move |conn: &'_ _| CommunityFollower::unfollow(conn, &community_follower_form);
-        if blocking(pool, unfollow).await?.is_err() {
-          return Err(APIError::err("community_follower_already_exists").into());
-        }
+      user
+        .send_unfollow(&community.actor_id, &self.client, pool)
+        .await?;
+      let unfollow = move |conn: &'_ _| CommunityFollower::unfollow(conn, &community_follower_form);
+      if blocking(pool, unfollow).await?.is_err() {
+        return Err(APIError::err("community_follower_already_exists").into());
       }
-      // TODO: this needs to return a "pending" state, until Accept is received from the remote server
     }
+    // TODO: this needs to return a "pending" state, until Accept is received from the remote server
 
     let community_id = data.community_id;
+    let user_id = user.id;
     let community_view = blocking(pool, move |conn| {
       CommunityView::read(conn, community_id, Some(user_id))
     })
@@ -716,14 +641,9 @@ impl Perform for Oper<GetFollowedCommunities> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<GetFollowedCommunitiesResponse, LemmyError> {
     let data: &GetFollowedCommunities = &self.data;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
-
+    let user_id = user.id;
     let communities = match blocking(pool, move |conn| {
       CommunityFollowerView::for_user(conn, user_id)
     })
@@ -748,18 +668,12 @@ impl Perform for Oper<BanFromCommunity> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<BanFromCommunityResponse, LemmyError> {
     let data: &BanFromCommunity = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let community_id = data.community_id;
 
     // Verify that only mods or admins can ban
-    is_mod_or_admin(pool, user_id, community_id).await?;
+    is_mod_or_admin(pool, user.id, community_id).await?;
 
     let community_user_ban_form = CommunityUserBanForm {
       community_id: data.community_id,
@@ -786,7 +700,7 @@ impl Perform for Oper<BanFromCommunity> {
     };
 
     let form = ModBanFromCommunityForm {
-      mod_user_id: user_id,
+      mod_user_id: user.id,
       other_user_id: data.user_id,
       community_id: data.community_id,
       reason: data.reason.to_owned(),
@@ -826,13 +740,7 @@ impl Perform for Oper<AddModToCommunity> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<AddModToCommunityResponse, LemmyError> {
     let data: &AddModToCommunity = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let community_moderator_form = CommunityModeratorForm {
       community_id: data.community_id,
@@ -842,7 +750,7 @@ impl Perform for Oper<AddModToCommunity> {
     let community_id = data.community_id;
 
     // Verify that only mods or admins can add mod
-    is_mod_or_admin(pool, user_id, community_id).await?;
+    is_mod_or_admin(pool, user.id, community_id).await?;
 
     if data.added {
       let join = move |conn: &'_ _| CommunityModerator::join(conn, &community_moderator_form);
@@ -858,7 +766,7 @@ impl Perform for Oper<AddModToCommunity> {
 
     // Mod tables
     let form = ModAddCommunityForm {
-      mod_user_id: user_id,
+      mod_user_id: user.id,
       other_user_id: data.user_id,
       community_id: data.community_id,
       removed: Some(!data.added),
@@ -896,13 +804,7 @@ impl Perform for Oper<TransferCommunity> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<GetCommunityResponse, LemmyError> {
     let data: &TransferCommunity = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let community_id = data.community_id;
     let read_community = blocking(pool, move |conn| Community::read(conn, community_id)).await??;
@@ -917,7 +819,7 @@ impl Perform for Oper<TransferCommunity> {
     admins.insert(0, creator_user);
 
     // Make sure user is the creator, or an admin
-    if user_id != read_community.creator_id && !admins.iter().map(|a| a.id).any(|x| x == user_id) {
+    if user.id != read_community.creator_id && !admins.iter().map(|a| a.id).any(|x| x == user.id) {
       return Err(APIError::err("not_an_admin").into());
     }
 
@@ -962,7 +864,7 @@ impl Perform for Oper<TransferCommunity> {
 
     // Mod tables
     let form = ModAddCommunityForm {
-      mod_user_id: user_id,
+      mod_user_id: user.id,
       other_user_id: data.user_id,
       community_id: data.community_id,
       removed: Some(false),
@@ -970,6 +872,7 @@ impl Perform for Oper<TransferCommunity> {
     blocking(pool, move |conn| ModAddCommunity::create(conn, &form)).await??;
 
     let community_id = data.community_id;
+    let user_id = user.id;
     let community_view = match blocking(pool, move |conn| {
       CommunityView::read(conn, community_id, Some(user_id))
     })
diff --git a/server/src/api/mod.rs b/server/src/api/mod.rs
index 11f958f0..f97a50c2 100644
--- a/server/src/api/mod.rs
+++ b/server/src/api/mod.rs
@@ -1,4 +1,4 @@
-use crate::{blocking, websocket::WebsocketInfo, DbPool, LemmyError};
+use crate::{api::claims::Claims, blocking, websocket::WebsocketInfo, DbPool, LemmyError};
 use actix_web::client::Client;
 use lemmy_db::{
   community::*,
@@ -75,3 +75,30 @@ pub async fn is_admin(pool: &DbPool, user_id: i32) -> Result<(), LemmyError> {
   }
   Ok(())
 }
+
+pub(in crate::api) async fn get_user_from_jwt(
+  jwt: &str,
+  pool: &DbPool,
+) -> Result<User_, LemmyError> {
+  let claims = match Claims::decode(&jwt) {
+    Ok(claims) => claims.claims,
+    Err(_e) => return Err(APIError::err("not_logged_in").into()),
+  };
+  let user_id = claims.id;
+  let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
+  // Check for a site ban
+  if user.banned {
+    return Err(APIError::err("site_ban").into());
+  }
+  Ok(user)
+}
+
+pub(in crate::api) async fn get_user_from_jwt_opt(
+  jwt: &Option<String>,
+  pool: &DbPool,
+) -> Result<Option<User_>, LemmyError> {
+  match jwt {
+    Some(jwt) => Ok(Some(get_user_from_jwt(jwt, pool).await?)),
+    None => Ok(None),
+  }
+}
diff --git a/server/src/api/post.rs b/server/src/api/post.rs
index e346a6c8..a9229fce 100644
--- a/server/src/api/post.rs
+++ b/server/src/api/post.rs
@@ -1,5 +1,5 @@
 use crate::{
-  api::{claims::Claims, is_mod_or_admin, APIError, Oper, Perform},
+  api::{get_user_from_jwt, get_user_from_jwt_opt, is_mod_or_admin, APIError, Oper, Perform},
   apub::{ApubLikeableType, ApubObjectType},
   blocking,
   fetch_iframely_and_pictrs_data,
@@ -19,7 +19,6 @@ use lemmy_db::{
   post::*,
   post_view::*,
   site_view::*,
-  user::*,
   Crud,
   Likeable,
   ListingType,
@@ -146,11 +145,7 @@ impl Perform for Oper<CreatePost> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<PostResponse, LemmyError> {
     let data: &CreatePost = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     if let Err(slurs) = slur_check(&data.name) {
       return Err(APIError::err(&slurs_vec_to_str(slurs)).into());
@@ -166,22 +161,15 @@ impl Perform for Oper<CreatePost> {
       return Err(APIError::err("invalid_post_title").into());
     }
 
-    let user_id = claims.id;
-
     // Check for a community ban
     let community_id = data.community_id;
+    let user_id = user.id;
     let is_banned =
       move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
     if blocking(pool, is_banned).await? {
       return Err(APIError::err("community_ban").into());
     }
 
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     if let Some(url) = data.url.as_ref() {
       match Url::parse(url) {
         Ok(_t) => (),
@@ -198,7 +186,7 @@ impl Perform for Oper<CreatePost> {
       url: data.url.to_owned(),
       body: data.body.to_owned(),
       community_id: data.community_id,
-      creator_id: user_id,
+      creator_id: user.id,
       removed: None,
       deleted: None,
       nsfw: data.nsfw,
@@ -244,7 +232,7 @@ impl Perform for Oper<CreatePost> {
     // They like their own post by default
     let like_form = PostLikeForm {
       post_id: inserted_post.id,
-      user_id,
+      user_id: user.id,
       score: 1,
     };
 
@@ -258,7 +246,7 @@ impl Perform for Oper<CreatePost> {
     // Refetch the view
     let inserted_post_id = inserted_post.id;
     let post_view = match blocking(pool, move |conn| {
-      PostView::read(conn, inserted_post_id, Some(user_id))
+      PostView::read(conn, inserted_post_id, Some(user.id))
     })
     .await?
     {
@@ -290,17 +278,8 @@ impl Perform for Oper<GetPost> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<GetPostResponse, LemmyError> {
     let data: &GetPost = &self.data;
-
-    let user_id: Option<i32> = match &data.auth {
-      Some(auth) => match Claims::decode(&auth) {
-        Ok(claims) => {
-          let user_id = claims.claims.id;
-          Some(user_id)
-        }
-        Err(_e) => None,
-      },
-      None => None,
-    };
+    let user = get_user_from_jwt_opt(&data.auth, pool).await?;
+    let user_id = user.map(|u| u.id);
 
     let id = data.id;
     let post_view = match blocking(pool, move |conn| PostView::read(conn, id, user_id)).await? {
@@ -369,19 +348,7 @@ impl Perform for Oper<GetPosts> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<GetPostsResponse, LemmyError> {
     let data: &GetPosts = &self.data;
-
-    // For logged in users, you need to get back subscribed, and settings
-    let user: Option<User_> = match &data.auth {
-      Some(auth) => match Claims::decode(&auth) {
-        Ok(claims) => {
-          let user_id = claims.claims.id;
-          let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-          Some(user)
-        }
-        Err(_e) => None,
-      },
-      None => None,
-    };
+    let user = get_user_from_jwt_opt(&data.auth, pool).await?;
 
     let user_id = match &user {
       Some(user) => Some(user.id),
@@ -446,13 +413,7 @@ impl Perform for Oper<CreatePostLike> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<PostResponse, LemmyError> {
     let data: &CreatePostLike = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     // Don't do a downvote if site has downvotes disabled
     if data.score == -1 {
@@ -467,18 +428,13 @@ impl Perform for Oper<CreatePostLike> {
     let post = blocking(pool, move |conn| Post::read(conn, post_id)).await??;
 
     let community_id = post.community_id;
+    let user_id = user.id;
     let is_banned =
       move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
     if blocking(pool, is_banned).await? {
       return Err(APIError::err("community_ban").into());
     }
 
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     let like_form = PostLikeForm {
       post_id: data.post_id,
       user_id,
@@ -541,6 +497,7 @@ impl Perform for Oper<EditPost> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<PostResponse, LemmyError> {
     let data: &EditPost = &self.data;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     if let Err(slurs) = slur_check(&data.name) {
       return Err(APIError::err(&slurs_vec_to_str(slurs)).into());
@@ -556,32 +513,20 @@ impl Perform for Oper<EditPost> {
       return Err(APIError::err("invalid_post_title").into());
     }
 
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
-
     let edit_id = data.edit_id;
     let orig_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
 
     // Check for a community ban
     let community_id = orig_post.community_id;
+    let user_id = user.id;
     let is_banned =
       move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
     if blocking(pool, is_banned).await? {
       return Err(APIError::err("community_ban").into());
     }
 
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     // Verify that only the creator can edit
-    if !Post::is_post_creator(user_id, orig_post.creator_id) {
+    if !Post::is_post_creator(user.id, orig_post.creator_id) {
       return Err(APIError::err("no_post_edit_allowed").into());
     }
 
@@ -658,25 +603,14 @@ impl Perform for Oper<DeletePost> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<PostResponse, LemmyError> {
     let data: &DeletePost = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let edit_id = data.edit_id;
     let orig_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
 
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     // Check for a community ban
     let community_id = orig_post.community_id;
+    let user_id = user.id;
     let is_banned =
       move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
     if blocking(pool, is_banned).await? {
@@ -736,25 +670,14 @@ impl Perform for Oper<RemovePost> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<PostResponse, LemmyError> {
     let data: &RemovePost = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let edit_id = data.edit_id;
     let orig_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
 
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     // Check for a community ban
     let community_id = orig_post.community_id;
+    let user_id = user.id;
     let is_banned =
       move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
     if blocking(pool, is_banned).await? {
@@ -762,7 +685,7 @@ impl Perform for Oper<RemovePost> {
     }
 
     // Verify that only the mods can remove
-    is_mod_or_admin(pool, user_id, community_id).await?;
+    is_mod_or_admin(pool, user.id, community_id).await?;
 
     // Update the post
     let edit_id = data.edit_id;
@@ -774,7 +697,7 @@ impl Perform for Oper<RemovePost> {
 
     // Mod tables
     let form = ModRemovePostForm {
-      mod_user_id: user_id,
+      mod_user_id: user.id,
       post_id: data.edit_id,
       removed: Some(removed),
       reason: data.reason.to_owned(),
@@ -821,25 +744,14 @@ impl Perform for Oper<LockPost> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<PostResponse, LemmyError> {
     let data: &LockPost = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let edit_id = data.edit_id;
     let orig_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
 
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     // Check for a community ban
     let community_id = orig_post.community_id;
+    let user_id = user.id;
     let is_banned =
       move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
     if blocking(pool, is_banned).await? {
@@ -897,25 +809,14 @@ impl Perform for Oper<StickyPost> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<PostResponse, LemmyError> {
     let data: &StickyPost = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let edit_id = data.edit_id;
     let orig_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
 
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     // Check for a community ban
     let community_id = orig_post.community_id;
+    let user_id = user.id;
     let is_banned =
       move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
     if blocking(pool, is_banned).await? {
@@ -976,17 +877,11 @@ impl Perform for Oper<SavePost> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<PostResponse, LemmyError> {
     let data: &SavePost = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let post_saved_form = PostSavedForm {
       post_id: data.post_id,
-      user_id,
+      user_id: user.id,
     };
 
     if data.save {
@@ -1002,6 +897,7 @@ impl Perform for Oper<SavePost> {
     }
 
     let post_id = data.post_id;
+    let user_id = user.id;
     let post_view = blocking(pool, move |conn| {
       PostView::read(conn, post_id, Some(user_id))
     })
diff --git a/server/src/api/site.rs b/server/src/api/site.rs
index adade080..7dfdb9dd 100644
--- a/server/src/api/site.rs
+++ b/server/src/api/site.rs
@@ -1,6 +1,6 @@
 use super::user::Register;
 use crate::{
-  api::{claims::Claims, is_admin, APIError, Oper, Perform},
+  api::{get_user_from_jwt, get_user_from_jwt_opt, is_admin, APIError, Oper, Perform},
   apub::fetcher::search_by_apub_id,
   blocking,
   version,
@@ -243,10 +243,7 @@ impl Perform for Oper<CreateSite> {
   ) -> Result<SiteResponse, LemmyError> {
     let data: &CreateSite = &self.data;
 
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     if let Err(slurs) = slur_check(&data.name) {
       return Err(APIError::err(&slurs_vec_to_str(slurs)).into());
@@ -258,15 +255,13 @@ impl Perform for Oper<CreateSite> {
       }
     }
 
-    let user_id = claims.id;
-
     // Make sure user is an admin
-    is_admin(pool, user_id).await?;
+    is_admin(pool, user.id).await?;
 
     let site_form = SiteForm {
       name: data.name.to_owned(),
       description: data.description.to_owned(),
-      creator_id: user_id,
+      creator_id: user.id,
       enable_downvotes: data.enable_downvotes,
       open_registration: data.open_registration,
       enable_nsfw: data.enable_nsfw,
@@ -293,11 +288,7 @@ impl Perform for Oper<EditSite> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<SiteResponse, LemmyError> {
     let data: &EditSite = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     if let Err(slurs) = slur_check(&data.name) {
       return Err(APIError::err(&slurs_vec_to_str(slurs)).into());
@@ -309,10 +300,8 @@ impl Perform for Oper<EditSite> {
       }
     }
 
-    let user_id = claims.id;
-
     // Make sure user is an admin
-    is_admin(pool, user_id).await?;
+    is_admin(pool, user.id).await?;
 
     let found_site = blocking(pool, move |conn| Site::read(conn, 1)).await??;
 
@@ -421,21 +410,12 @@ impl Perform for Oper<GetSite> {
       0
     };
 
-    // Giving back your user, if you're logged in
-    let my_user: Option<User_> = match &data.auth {
-      Some(auth) => match Claims::decode(&auth) {
-        Ok(claims) => {
-          let user_id = claims.claims.id;
-          let mut user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-          user.password_encrypted = "".to_string();
-          user.private_key = None;
-          user.public_key = None;
-          Some(user)
-        }
-        Err(_e) => None,
-      },
-      None => None,
-    };
+    let my_user = get_user_from_jwt_opt(&data.auth, pool).await?.map(|mut u| {
+      u.password_encrypted = "".to_string();
+      u.private_key = None;
+      u.public_key = None;
+      u
+    });
 
     Ok(GetSiteResponse {
       site: site_view,
@@ -466,16 +446,8 @@ impl Perform for Oper<Search> {
       Err(e) => debug!("Failed to resolve search query as activitypub ID: {}", e),
     }
 
-    let user_id: Option<i32> = match &data.auth {
-      Some(auth) => match Claims::decode(&auth) {
-        Ok(claims) => {
-          let user_id = claims.claims.id;
-          Some(user_id)
-        }
-        Err(_e) => None,
-      },
-      None => None,
-    };
+    let user = get_user_from_jwt_opt(&data.auth, pool).await?;
+    let user_id = user.map(|u| u.id);
 
     let type_ = SearchType::from_str(&data.type_)?;
 
@@ -630,14 +602,8 @@ impl Perform for Oper<TransferSite> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<GetSiteResponse, LemmyError> {
     let data: &TransferSite = &self.data;
+    let mut user = get_user_from_jwt(&data.auth, pool).await?;
 
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
-    let mut user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
     // TODO add a User_::read_safe() for this.
     user.password_encrypted = "".to_string();
     user.private_key = None;
@@ -646,7 +612,7 @@ impl Perform for Oper<TransferSite> {
     let read_site = blocking(pool, move |conn| Site::read(conn, 1)).await??;
 
     // Make sure user is the creator
-    if read_site.creator_id != user_id {
+    if read_site.creator_id != user.id {
       return Err(APIError::err("not_an_admin").into());
     }
 
@@ -667,7 +633,7 @@ impl Perform for Oper<TransferSite> {
 
     // Mod tables
     let form = ModAddForm {
-      mod_user_id: user_id,
+      mod_user_id: user.id,
       other_user_id: data.user_id,
       removed: Some(false),
     };
@@ -707,16 +673,10 @@ impl Perform for Oper<GetSiteConfig> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<GetSiteConfigResponse, LemmyError> {
     let data: &GetSiteConfig = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     // Only let admins read this
-    is_admin(pool, user_id).await?;
+    is_admin(pool, user.id).await?;
 
     let config_hjson = Settings::read_config_file()?;
 
@@ -734,19 +694,13 @@ impl Perform for Oper<SaveSiteConfig> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<GetSiteConfigResponse, LemmyError> {
     let data: &SaveSiteConfig = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     // Only let admins read this
     let admins = blocking(pool, move |conn| UserView::admins(conn)).await??;
     let admin_ids: Vec<i32> = admins.into_iter().map(|m| m.id).collect();
 
-    if !admin_ids.contains(&user_id) {
+    if !admin_ids.contains(&user.id) {
       return Err(APIError::err("not_an_admin").into());
     }
 
diff --git a/server/src/api/user.rs b/server/src/api/user.rs
index f9a92cd3..e6cc6a37 100644
--- a/server/src/api/user.rs
+++ b/server/src/api/user.rs
@@ -1,5 +1,13 @@
 use crate::{
-  api::{claims::Claims, is_admin, APIError, Oper, Perform},
+  api::{
+    claims::Claims,
+    get_user_from_jwt,
+    get_user_from_jwt_opt,
+    is_admin,
+    APIError,
+    Oper,
+    Perform,
+  },
   apub::ApubObjectType,
   blocking,
   captcha_espeak_wav_base64,
@@ -543,14 +551,9 @@ impl Perform for Oper<SaveUserSettings> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<LoginResponse, LemmyError> {
     let data: &SaveUserSettings = &self.data;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
-
+    let user_id = user.id;
     let read_user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
 
     let email = match &data.email {
@@ -665,24 +668,7 @@ impl Perform for Oper<GetUserDetails> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<GetUserDetailsResponse, LemmyError> {
     let data: &GetUserDetails = &self.data;
-
-    // For logged in users, you need to get back subscribed, and settings
-    let user: Option<User_> = match &data.auth {
-      Some(auth) => match Claims::decode(&auth) {
-        Ok(claims) => {
-          let user_id = claims.claims.id;
-          let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-          Some(user)
-        }
-        Err(_e) => None,
-      },
-      None => None,
-    };
-
-    let user_id = match &user {
-      Some(user) => Some(user.id),
-      None => None,
-    };
+    let user = get_user_from_jwt_opt(&data.auth, pool).await?;
 
     let show_nsfw = match &user {
       Some(user) => user.show_nsfw,
@@ -712,6 +698,7 @@ impl Perform for Oper<GetUserDetails> {
     let limit = data.limit;
     let saved_only = data.saved_only;
     let community_id = data.community_id;
+    let user_id = user.map(|u| u.id);
     let (posts, comments) = blocking(pool, move |conn| {
       let mut posts_query = PostQueryBuilder::create(conn)
         .sort(&sort)
@@ -780,16 +767,10 @@ impl Perform for Oper<AddAdmin> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<AddAdminResponse, LemmyError> {
     let data: &AddAdmin = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     // Make sure user is an admin
-    is_admin(pool, user_id).await?;
+    is_admin(pool, user.id).await?;
 
     let added = data.added;
     let added_user_id = data.user_id;
@@ -800,7 +781,7 @@ impl Perform for Oper<AddAdmin> {
 
     // Mod tables
     let form = ModAddForm {
-      mod_user_id: user_id,
+      mod_user_id: user.id,
       other_user_id: data.user_id,
       removed: Some(!data.added),
     };
@@ -839,16 +820,10 @@ impl Perform for Oper<BanUser> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<BanUserResponse, LemmyError> {
     let data: &BanUser = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     // Make sure user is an admin
-    is_admin(pool, user_id).await?;
+    is_admin(pool, user.id).await?;
 
     let ban = data.ban;
     let banned_user_id = data.user_id;
@@ -864,7 +839,7 @@ impl Perform for Oper<BanUser> {
     };
 
     let form = ModBanForm {
-      mod_user_id: user_id,
+      mod_user_id: user.id,
       other_user_id: data.user_id,
       reason: data.reason.to_owned(),
       banned: Some(data.ban),
@@ -903,19 +878,14 @@ impl Perform for Oper<GetReplies> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<GetRepliesResponse, LemmyError> {
     let data: &GetReplies = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let sort = SortType::from_str(&data.sort)?;
 
     let page = data.page;
     let limit = data.limit;
     let unread_only = data.unread_only;
+    let user_id = user.id;
     let replies = blocking(pool, move |conn| {
       ReplyQueryBuilder::create(conn, user_id)
         .sort(&sort)
@@ -940,19 +910,14 @@ impl Perform for Oper<GetUserMentions> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<GetUserMentionsResponse, LemmyError> {
     let data: &GetUserMentions = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let sort = SortType::from_str(&data.sort)?;
 
     let page = data.page;
     let limit = data.limit;
     let unread_only = data.unread_only;
+    let user_id = user.id;
     let mentions = blocking(pool, move |conn| {
       UserMentionQueryBuilder::create(conn, user_id)
         .sort(&sort)
@@ -977,19 +942,13 @@ impl Perform for Oper<MarkUserMentionAsRead> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<UserMentionResponse, LemmyError> {
     let data: &MarkUserMentionAsRead = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let user_mention_id = data.user_mention_id;
     let read_user_mention =
       blocking(pool, move |conn| UserMention::read(conn, user_mention_id)).await??;
 
-    if user_id != read_user_mention.recipient_id {
+    if user.id != read_user_mention.recipient_id {
       return Err(APIError::err("couldnt_update_comment").into());
     }
 
@@ -1001,6 +960,7 @@ impl Perform for Oper<MarkUserMentionAsRead> {
     };
 
     let user_mention_id = read_user_mention.id;
+    let user_id = user.id;
     let user_mention_view = blocking(pool, move |conn| {
       UserMentionView::read(conn, user_mention_id, user_id)
     })
@@ -1022,14 +982,9 @@ impl Perform for Oper<MarkAllAsRead> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<GetRepliesResponse, LemmyError> {
     let data: &MarkAllAsRead = &self.data;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
-
+    let user_id = user.id;
     let replies = blocking(pool, move |conn| {
       ReplyQueryBuilder::create(conn, user_id)
         .unread_only(true)
@@ -1076,15 +1031,7 @@ impl Perform for Oper<DeleteAccount> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<LoginResponse, LemmyError> {
     let data: &DeleteAccount = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
-
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     // Verify the password
     let valid: bool = verify(&data.password, &user.password_encrypted).unwrap_or(false);
@@ -1093,6 +1040,7 @@ impl Perform for Oper<DeleteAccount> {
     }
 
     // Comments
+    let user_id = user.id;
     let comments = blocking(pool, move |conn| {
       CommentQueryBuilder::create(conn)
         .for_creator_id(user_id)
@@ -1230,27 +1178,15 @@ impl Perform for Oper<CreatePrivateMessage> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<PrivateMessageResponse, LemmyError> {
     let data: &CreatePrivateMessage = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     let hostname = &format!("https://{}", Settings::get().hostname);
 
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
-
     let content_slurs_removed = remove_slurs(&data.content.to_owned());
 
     let private_message_form = PrivateMessageForm {
       content: content_slurs_removed.to_owned(),
-      creator_id: user_id,
+      creator_id: user.id,
       recipient_id: data.recipient_id,
       deleted: None,
       read: None,
@@ -1341,25 +1277,13 @@ impl Perform for Oper<EditPrivateMessage> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<PrivateMessageResponse, LemmyError> {
     let data: &EditPrivateMessage = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
-
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     // Checking permissions
     let edit_id = data.edit_id;
     let orig_private_message =
       blocking(pool, move |conn| PrivateMessage::read(conn, edit_id)).await??;
-    if user_id != orig_private_message.creator_id {
+    if user.id != orig_private_message.creator_id {
       return Err(APIError::err("no_private_message_edit_allowed").into());
     }
 
@@ -1409,25 +1333,13 @@ impl Perform for Oper<DeletePrivateMessage> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<PrivateMessageResponse, LemmyError> {
     let data: &DeletePrivateMessage = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
-
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     // Checking permissions
     let edit_id = data.edit_id;
     let orig_private_message =
       blocking(pool, move |conn| PrivateMessage::read(conn, edit_id)).await??;
-    if user_id != orig_private_message.creator_id {
+    if user.id != orig_private_message.creator_id {
       return Err(APIError::err("no_private_message_edit_allowed").into());
     }
 
@@ -1483,25 +1395,13 @@ impl Perform for Oper<MarkPrivateMessageAsRead> {
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<PrivateMessageResponse, LemmyError> {
     let data: &MarkPrivateMessageAsRead = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
-
-    // Check for a site ban
-    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
-    if user.banned {
-      return Err(APIError::err("site_ban").into());
-    }
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     // Checking permissions
     let edit_id = data.edit_id;
     let orig_private_message =
       blocking(pool, move |conn| PrivateMessage::read(conn, edit_id)).await??;
-    if user_id != orig_private_message.recipient_id {
+    if user.id != orig_private_message.recipient_id {
       return Err(APIError::err("couldnt_update_private_message").into());
     }
 
@@ -1548,13 +1448,8 @@ impl Perform for Oper<GetPrivateMessages> {
     _websocket_info: Option<WebsocketInfo>,
   ) -> Result<PrivateMessagesResponse, LemmyError> {
     let data: &GetPrivateMessages = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
+    let user_id = user.id;
 
     let page = data.page;
     let limit = data.limit;
@@ -1578,24 +1473,21 @@ impl Perform for Oper<UserJoin> {
 
   async fn perform(
     &self,
-    _pool: &DbPool,
+    pool: &DbPool,
     websocket_info: Option<WebsocketInfo>,
   ) -> Result<UserJoinResponse, LemmyError> {
     let data: &UserJoin = &self.data;
-
-    let claims = match Claims::decode(&data.auth) {
-      Ok(claims) => claims.claims,
-      Err(_e) => return Err(APIError::err("not_logged_in").into()),
-    };
-
-    let user_id = claims.id;
+    let user = get_user_from_jwt(&data.auth, pool).await?;
 
     if let Some(ws) = websocket_info {
       if let Some(id) = ws.id {
-        ws.chatserver.do_send(JoinUserRoom { user_id, id });
+        ws.chatserver.do_send(JoinUserRoom {
+          user_id: user.id,
+          id,
+        });
       }
     }
 
-    Ok(UserJoinResponse { user_id })
+    Ok(UserJoinResponse { user_id: user.id })
   }
 }