Add a way to disable/enable users (#3056)

If you want to block users without deleting their account, you can now disable them from the interface.
author: Alexis Degrugillier <aledeg@users.noreply.github.com> 2020-06-14 19:50:09 +0200
committer: GitHub <noreply@github.com> 2020-06-14 19:50:09 +0200
commit: caeb660f29d13db62d5381c262aa03e12f201ea2 (patch)
tree: bbe593de7c584f15c67c1e4c96f0852c2c5637ed /app/Controllers/authController.php
parent: 6edbeaaf6add5e6f60d949301a05ef42fbdc6afd (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php
index d158092bf..cef8f9d2d 100644
--- a/app/Controllers/authController.php
+++ b/app/Controllers/authController.php
@@ -131,6 +131,11 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 				return;
 			}
 
+			if (!$conf->enabled) {
+				Minz_Error::error(403, array(_t('feedback.auth.login.invalid')), false);
+				return;
+			}
+
 			$ok = FreshRSS_FormAuth::checkCredentials(
 				$username, $conf->passwordHash, $nonce, $challenge
 			);
author	Alexis Degrugillier <aledeg@users.noreply.github.com>	2020-06-14 19:50:09 +0200
committer	GitHub <noreply@github.com>	2020-06-14 19:50:09 +0200
commit	caeb660f29d13db62d5381c262aa03e12f201ea2 (patch)
tree	bbe593de7c584f15c67c1e4c96f0852c2c5637ed /app/Controllers/authController.php
parent	6edbeaaf6add5e6f60d949301a05ef42fbdc6afd (diff)