diff --git a/rhodecode/lib/auth.py b/rhodecode/lib/auth.py
--- a/rhodecode/lib/auth.py
+++ b/rhodecode/lib/auth.py
@@ -271,13 +271,11 @@ class AuthUser(object):
 if self._api_key and self._api_key != self.anonymous_user.api_key:
 #try go get user by api key
 log.debug('Auth User lookup by API KEY %s', self._api_key)
- user_model.fill_data(self, api_key=self._api_key)
- is_user_loaded = True
+ is_user_loaded = user_model.fill_data(self, api_key=self._api_key)
 elif self.user_id is not None \
 and self.user_id != self.anonymous_user.user_id:
 log.debug('Auth User lookup by USER ID %s', self.user_id)
- user_model.fill_data(self, user_id=self.user_id)
- is_user_loaded = True
+ is_user_loaded = user_model.fill_data(self, user_id=self.user_id)
 elif self.username:
 log.debug('Auth User lookup by USER NAME %s', self.username)
 dbuser = User.get_by_username(self.username)
@@ -296,6 +294,8 @@ class AuthUser(object):
 #then we set this user is logged in
 self.is_authenticated = True
 else:
+ self.user_id = None
+ self.username = None
 self.is_authenticated = False
 if not self.username:
diff --git a/rhodecode/lib/base.py b/rhodecode/lib/base.py
--- a/rhodecode/lib/base.py
+++ b/rhodecode/lib/base.py
@@ -50,7 +50,8 @@ class BaseController(WSGIController):
 username = None
 self.rhodecode_user = c.rhodecode_user = AuthUser(user_id, api_key, username)
- if not self.rhodecode_user.is_authenticated:
+ if not self.rhodecode_user.is_authenticated and \
+ self.rhodecode_user.user_id is not None:
 self.rhodecode_user.set_authenticated(
 getattr(session.get('rhodecode_user'), 'is_authenticated', False))
diff --git a/rhodecode/model/user.py b/rhodecode/model/user.py
--- a/rhodecode/model/user.py
+++ b/rhodecode/model/user.py
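Review bot: The context line `log.debug('Auth User lookup by API KEY %s', self._api_key)` in the @@ -271 hunk of auth.py writes the caller's API key into the debug log, and the commit leaves it in place while tightening the lookup next to it. An API key is a bearer credential, so anyone who can read the log could reuse it. Log the event without the secret, e.g. `log.debug('Auth User lookup by API KEY')`. The enclosing method starts and ends outside this hunk.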
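Review bot: The added condition `self.rhodecode_user.user_id is not None` in base.py appears to rely on an unstated contract: AuthUser clears `user_id` in its `else:` branch (the @@ -296 hunk in auth.py), so a rejected account does not get `is_authenticated` restored from the session. Nothing at this call site says so, and a later change to AuthUser that stops clearing `user_id` would silently bring the session restore back for a disabled account. Add a comment above the condition such as `# user_id is None when AuthUser rejected the account; never restore the session flag then`. The enclosing method starts outside this hunk.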
@@ -243,16 +243,19 @@ class UserModel(BaseModel):
 else:
 dbuser = self.get(user_id)
- if dbuser is not None:
+ if dbuser is not None and dbuser.active:
 log.debug('filling %s data', dbuser)
 for k, v in dbuser.get_dict().items():
 setattr(auth_user, k, v)
+ else:
+ return False
 except:
 log.error(traceback.format_exc())
 auth_user.is_authenticated = False
+ return False
- return auth_user
+ return True
 def fill_perms(self, user):
 """
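Review bot: The new `else:` / `return False` path rejects a missing or inactive account without writing anything to the log, so a disabled account whose API key or session is still being presented leaves no trace for whoever reviews authentication events. Add a line before that return in the style of the existing debug call, e.g. `log.warning('fill_data: user not found or inactive: %s', dbuser)`. The function now returns True/False instead of `auth_user`; its docstring lies outside this hunk and should state the new return value, and any caller not shown here that used the returned object needs checking.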