Block disabled users from logging in

2026-02-11 23:17:48 +00:00 · 2022-05-04 10:42:24 +02:00
parent 39a6b5d20f
commit bc9dcc7cbc
2 changed files with 12 additions and 0 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -39,6 +39,7 @@ class ApplicationController < ActionController::Base
  include Spree::Core::ControllerHelpers::Common

  before_action :set_cache_headers # prevent cart emptying via cache when using back button #1213
+  before_action :check_disabled_user, if: :spree_user_signed_in?
  before_action :set_after_login_url

  include RawParams
@@ -159,6 +160,14 @@ class ApplicationController < ActionController::Base
    response.headers["Pragma"] = "no-cache"
    response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT"
  end
+
+  def check_disabled_user
+    return unless current_spree_user.disabled?
+
+    flash[:success] = nil
+    flash.now[:error] = I18n.t("devise.failure.disabled")
+    sign_out current_spree_user
+  end
 end

 require 'spree/i18n/initializer'
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -207,6 +207,9 @@ en:
        signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please open the link to activate your account."
        unknown_error: "Something went wrong while creating your account. Check your email address and try again."
    failure:
+      disabled: |
+        Your account has been disabled.
+        Please contact an adminsitrator to solve this issue.
      invalid: |
        Invalid email or password.
        Were you a guest last time?  Perhaps you need to create an account or reset your password.