diff --git a/client/modules/User/actions.js b/client/modules/User/actions.js
index 2a11d9ca12..ec348ae735 100644
--- a/client/modules/User/actions.js
+++ b/client/modules/User/actions.js
@@ -96,6 +96,10 @@ export function getUser() {
 const response = await apiClient.get('/session');
 const { data } = response;
+ if (data?.user === null) {
+ return;
+ }
+
 dispatch(authenticateUser(data));
 dispatch({
 type: ActionTypes.SET_PREFERENCES,
@@ -112,21 +116,19 @@ export function getUser() {
 }
 export function validateSession() {
- return (dispatch, getState) => {
- apiClient
- .get('/session')
- .then((response) => {
- const state = getState();
- if (state.user.username !== response.data.username) {
- dispatch(showErrorModal('staleSession'));
- }
- })
- .catch((error) => {
- const { response } = error;
- if (response.status === 404) {
- dispatch(showErrorModal('staleSession'));
- }
- });
+ return async (dispatch, getState) => {
+ try {
+ const response = await apiClient.get('/session');
+ const state = getState();
+
+ if (state.user.username !== response.data.username) {
+ dispatch(showErrorModal('staleSession'));
+ }
+ } catch (error) {
+ if (error.response && error.response.status === 404) {
+ dispatch(showErrorModal('staleSession'));
+ }
+ }
 };
 }
diff --git a/server/controllers/aws.controller.js b/server/controllers/aws.controller.js
index 8bbf25576c..a201e01213 100644
--- a/server/controllers/aws.controller.js
+++ b/server/controllers/aws.controller.js
@@ -41,7 +41,7 @@ export function getObjectKey(url) {
 }
 export async function deleteObjectsFromS3(keyList, callback) {
- const objectsToDelete = keyList.map((key) => ({ Key: key }));
+ const objectsToDelete = keyList?.map((key) => ({ Key: key }));
 if (objectsToDelete.length > 0) {
 const params = {
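Review bot: The guard added to `getUser` tests `data?.user === null`, so a response with no body (`data` undefined) does not match it and still reaches `dispatch(authenticateUser(data))`, even though the optional chaining suggests that case was in mind. If it can occur, `if (!data || data.user === null) {` covers both; if it cannot, plain `data.user === null` says what is meant. A one-line comment such as `// GET /session answers 200 { user: null } when nobody is signed in` would explain the sentinel to the next reader. The body of `getUser` starts and ends outside this hunk.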
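Review bot: The `catch` in `validateSession` still reacts only to 404, but the `getSession` change in server/controllers/session.controller.js in this same diff no longer returns 404 and answers 403 for a banned user, so that case is now swallowed and the client keeps its signed-in state. A missing session now arrives as a 200 with `{ user: null }` and is detected only because `response.data.username` is then undefined. I would handle the status explicitly with `const status = error.response?.status;` followed by `if (status === 403 || status === 404) {`, and add a comment in the `try` block noting the `{ user: null }` case.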
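Review bot: `keyList?.map(...)` evaluates to `undefined` when `keyList` is null or undefined, and the very next line reads `objectsToDelete.length`, so the call still throws a TypeError, just one line later. Defaulting the input keeps the existing length check meaningful: `const objectsToDelete = (keyList ?? []).map((key) => ({ Key: key }));`. The rest of `deleteObjectsFromS3` lies outside the hunk, so whether `callback` is still invoked on the empty path should be checked there.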
@@ -168,7 +168,7 @@ export async function listObjectsInS3ForUser(userId) {
 const data = await s3Client.send(new ListObjectsCommand(params));
- assets = data.Contents.map((object) => ({
+ assets = data.Contents?.map((object) => ({
 key: object.Key,
 size: object.Size
 }));
@@ -177,7 +177,7 @@ export async function listObjectsInS3ForUser(userId) {
 const projectAssets = [];
 let totalSize = 0;
- assets.forEach((asset) => {
+ assets?.forEach((asset) => {
 const name = asset.key.split('/').pop();
 const foundAsset = {
 key: asset.key,
diff --git a/server/controllers/session.controller.js b/server/controllers/session.controller.js
index 6604dcdc69..173e9e9834 100644
--- a/server/controllers/session.controller.js
+++ b/server/controllers/session.controller.js
@@ -24,10 +24,14 @@ export function createSession(req, res, next) {
 }
 export function getSession(req, res) {
- if (req.user && !req.user.banned) {
- return res.json(userResponse(req.user));
+ if (!req.user) {
+ return res.status(200).send({ user: null });
 }
- return res.status(404).send({ message: 'Session does not exist' });
+ if (req.user.banned) {
+ return res.status(403).send({ message: 'Forbidden: User is banned.' });
+ }
+
+ return res.json(userResponse(req.user));
 }
 export function destroySession(req, res, next) {
diff --git a/server/models/user.js b/server/models/user.js
index e7b85a8af7..4c67df2505 100644
--- a/server/models/user.js
+++ b/server/models/user.js
@@ -163,7 +163,8 @@ userSchema.methods.comparePassword = async function comparePassword(
 candidatePassword
 ) {
 if (!this.password) {
- throw new Error('No password is set for this user.');
+ console.error('No password is set for this user.');
+ return false;
 }
 try {
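Review bot: With `data.Contents?.map(...)` the variable `assets` becomes `undefined` when the listing carries no `Contents`, which is why the following hunk has to guard again with `assets?.forEach`, and any later use of `assets` outside these hunks would need the same guard. Assigning `assets = (data.Contents ?? []).map((object) => ({` keeps it an array for the rest of `listObjectsInS3ForUser` and makes the `?.` on `forEach` unnecessary. The function body continues outside both hunks, so later reads of `assets` are worth a look.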
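Review bot: The 403 branch in `getSession` refuses this one request but leaves the banned user's session in place, so the cookie stays valid for every other route; whether those routes check `req.user.banned` is not visible in this diff. Consider ending the session in that branch the way `destroySession` below does, or enforcing the ban in shared middleware. The new 200 `{ user: null }` reply also changes the contract for any caller that treated a 2xx from this route as signed-in, so a comment on the function such as `// 200 { user: null } = no session, 403 = banned, 200 user object = signed in` would help.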
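Review bot: The `console.error` in the no-password branch of `comparePassword` will fire on every login attempt against an account that has no local password, which an unauthenticated caller can repeat at will, and the message names no account for an operator to act on. Returning `false` instead of throwing is the safer result for the login path, but I would log at a lower level with the record's id and never the candidate value, e.g. `console.warn('No local password set for user', this._id);`. The early return also skips the comparison inside the `try` that follows (outside this hunk), so response time may differ for such accounts, which is worth confirming as acceptable. Callers that relied on the thrown error to tell "no password set" from "wrong password" should be checked, and the method's doc comment should state the new return value.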