From 70b81522fa6cb02917a0309129ac05c1c4f5d216 Mon Sep 17 00:00:00 2001 From: cuigh Date: Tue, 4 Dec 2018 14:12:56 +0800 Subject: [PATCH] Disable login of blocked users --- security/auth.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/security/auth.go b/security/auth.go index c8b68e0..d56164c 100644 --- a/security/auth.go +++ b/security/auth.go @@ -31,6 +31,10 @@ func Validator(setting *model.Setting) func(name, pwd string) (ticket string, er return } + if mu != nil && mu.Status == model.UserStatusBlocked { + return "", certify.ErrAccountDisabled + } + if mu != nil && mu.Type == model.UserTypeInternal { // internal user if !passwd.Validate(pwd, mu.Password, mu.Salt) { err = certify.ErrInvalidToken