fix: block login for StatusAccountLocked users

This commit is contained in:
kolaente 2026-03-20 10:07:48 +01:00 committed by kolaente
parent 7792bf6cea
commit 4c80932b64
1 changed files with 2 additions and 2 deletions

View File

@ -71,7 +71,7 @@ func Login(c *echo.Context) (err error) {
}
}
if user.Status == user2.StatusDisabled {
if user.Status == user2.StatusDisabled || user.Status == user2.StatusAccountLocked {
_ = s.Rollback()
return &user2.ErrAccountDisabled{UserID: user.ID}
}
@ -244,7 +244,7 @@ func RefreshToken(c *echo.Context) (err error) {
return err
}
if u.Status == user2.StatusDisabled {
if u.Status == user2.StatusDisabled || u.Status == user2.StatusAccountLocked {
if _, err := s.Where("id = ?", session.ID).Delete(&models.Session{}); err != nil {
_ = s.Rollback()
return err