diff options
| author |  Alexis Degrugillier <aledeg@users.noreply.github.com>
| 2020-06-14 19:50:09 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2020-06-14 19:50:09 +0200 |
| commit | caeb660f29d13db62d5381c262aa03e12f201ea2 (patch) | |
| tree | bbe593de7c584f15c67c1e4c96f0852c2c5637ed /p/api/greader.php | |
| parent | 6edbeaaf6add5e6f60d949301a05ef42fbdc6afd (diff) | |
Add a way to disable/enable users (#3056)
If you want to block users without deleting their account, you can now
disable them from the interface.
Diffstat (limited to 'p/api/greader.php')
| -rw-r--r-- | p/api/greader.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/p/api/greader.php b/p/api/greader.php index a9e6398d2..b87387bd7 100644 --- a/p/api/greader.php +++ b/p/api/greader.php @@ -157,6 +157,10 @@ function authorizationToUser() { Minz_Log::warning('Invalid API user ' . $user . ': configuration cannot be found.'); unauthorized(); } + if (!FreshRSS_Context::$user_conf->enabled) { + Minz_Log::warning('Invalid API user ' . $user . ': configuration cannot be found.'); + unauthorized(); + } if ($headerAuthX[1] === sha1(FreshRSS_Context::$system_conf->salt . $user . FreshRSS_Context::$user_conf->apiPasswordHash)) { return $user; } else { |