diff --git a/src/authd/user.cr b/src/authd/user.cr
index e6b98ba..7bafbf0 100644
--- a/src/authd/user.cr
+++ b/src/authd/user.cr
@@ -4,6 +4,8 @@ require "uuid"
 class AuthD::User
 	include JSON::Serializable
+	def_clone
+
 	enum PermissionLevel
 		None
 		Read
@@ -18,6 +20,8 @@ class AuthD::User
 	class Contact
 		include JSON::Serializable
+		def_clone
+
 		# the activation key is removed once the user is validated
 		property activation_key : String? = nil
 		property email : String?
diff --git a/src/requests/moduser.cr b/src/requests/moduser.cr
index b61c475..92962b0 100644
--- a/src/requests/moduser.cr
+++ b/src/requests/moduser.cr
@@ -12,6 +12,7 @@ class AuthD::Request
 		logged_user = authd.get_logged_user_full? fd
 		return Response::ErrorMustBeAuthenticated.new if logged_user.nil?
+		# The user will be modified, we should get a COPY of the user.
 		user = if u = @user
 			logged_user.assert_permission("authd", "*", User::PermissionLevel::Edit)
 			authd.user? u
@@ -20,23 +21,29 @@ class AuthD::Request
 		end
 		return Response::ErrorUserNotFound.new if user.nil?
+		cloned_user : AuthD::User = user.clone
+
 		# Only an admin can uprank or downrank someone.
 		if admin = @admin
 			logged_user.assert_permission("authd", "*", User::PermissionLevel::Admin)
-			user.admin = admin
+			cloned_user.admin = admin
 		end
 		@password.try do |s|
-			user.password_hash = authd.hash_password s
+			cloned_user.password_hash = authd.hash_password s
 		end
 		@email.try do |email|
-			user.contact.email = email
+			cloned_user.contact.email = email
 		end
-		authd.users_per_uid.update user.uid.to_s, user
+		begin
+			authd.users_per_uid.update cloned_user.uid.to_s, cloned_user
+		rescue e
+			return Response::Error.new "could not update the user (email may already be used)"
+		end
-		Response::UserEdited.new user.uid
+		Response::UserEdited.new cloned_user.uid
 	end
 end
 AuthD.requests << ModUser
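Review bot: The `def_clone` added to `AuthD::User` (and the one added to `Contact` in the second hunk of this file) carries no comment saying why cloning is now part of the model, and the reason is non-local: `ModUser` edits a clone and writes through `cloned_user.contact.email = email`, so the nested `Contact` must be copied too or the edit would still reach the stored instance. Suggest a comment on the `User` line, `# clone is used by ModUser to edit a copy of the stored user; Contact defines clone too so the nested contact is copied, not shared`, and a one-line cross-reference on the `Contact` line. If `User` gains an instance variable whose type does not define `clone`, `def_clone` will presumably stop compiling or share that field; worth stating next to the macro so the next field added is checked.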
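Review bot: The new comment `# The user will be modified, we should get a COPY of the user.` sits above the `user = if u = @user` assignment, but that assignment still fetches the shared instance; the copy is only taken later, after the `user.nil?` check in the following hunk. A reader stopping here would think `user` is already a copy. Either move the comment down next to the clone or reword it here as `# Fetch the stored user; it is cloned below before any modification.`. The enclosing method starts before this hunk.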
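Review bot: The bare `rescue e` around `authd.users_per_uid.update` catches every exception, so any storage failure — not only a duplicate email in the index — is reported to the client as "email may already be used", and `e` itself is discarded rather than logged, which will make the real cause invisible in incident triage. Narrow it to the exception the index raises on a duplicate key and log the rest: `rescue e : DUPLICATE_INDEX_EXCEPTION # placeholder: the type users_per_uid raises on a duplicate email` for the user-facing message, with a separate `rescue e` that logs `e` and returns a generic `Response::Error`. Note also that the response text confirms to any authenticated caller, including one editing only their own account, whether an address is already registered; if that oracle is not intended, the duplicate case should return the same generic message and record the detail server-side only. The method and `ModUser` class begin before this hunk.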