Fix prohibit login check on authorization (#6106)
* fix bug prohibit login not applied on dashboard * fix tests * fix bug user status leak * fix typo * return after render
This commit is contained in:
Lunny Xiao
Lauris BH
parent
538a26d56f
commit
f5fa22a499
7 changed files with 83 additions and 9 deletions
|
|
@ -8,6 +8,7 @@ import (
|
|||
"net/url"
|
||||
|
||||
"code.gitea.io/gitea/modules/auth"
|
||||
"code.gitea.io/gitea/modules/log"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
"github.com/go-macaron/csrf"
|
||||
macaron "gopkg.in/macaron.v1"
|
||||
|
|
@ -32,8 +33,12 @@ func Toggle(options *ToggleOptions) macaron.Handler {
|
|||
|
||||
// Check prohibit login users.
|
||||
if ctx.IsSigned {
|
||||
|
||||
if ctx.User.ProhibitLogin {
|
||||
if !ctx.User.IsActive && setting.Service.RegisterEmailConfirm {
|
||||
ctx.Data["Title"] = ctx.Tr("auth.active_your_account")
|
||||
ctx.HTML(200, "user/auth/activate")
|
||||
return
|
||||
} else if !ctx.User.IsActive || ctx.User.ProhibitLogin {
|
||||
log.Info("Failed authentication attempt for %s from %s", ctx.User.Name, ctx.RemoteAddr())
|
||||
ctx.Data["Title"] = ctx.Tr("auth.prohibit_login")
|
||||
ctx.HTML(200, "user/auth/prohibit_login")
|
||||
return
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue