From bc9dcc7cbcc1cfd5610cc37a40499e203a81cbaa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois=20Turbelin?=
Date: Wed, 4 May 2022 10:42:24 +0200
Subject: [PATCH] Block disabled users from logging in
---
 app/controllers/application_controller.rb | 9 +++++++++
 config/locales/en.yml | 3 +++
 2 files changed, 12 insertions(+)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 5020faf7b6..fc3658cdc3 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -39,6 +39,7 @@ class ApplicationController < ActionController::Base
 include Spree::Core::ControllerHelpers::Common
 before_action :set_cache_headers # prevent cart emptying via cache when using back button #1213
+ before_action :check_disabled_user, if: :spree_user_signed_in?
 before_action :set_after_login_url
 include RawParams
@@ -159,6 +160,14 @@ class ApplicationController < ActionController::Base
 response.headers["Pragma"] = "no-cache"
 response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT"
 end
+
+ def check_disabled_user
+ return unless current_spree_user.disabled?
+
+ flash[:success] = nil
+ flash.now[:error] = I18n.t("devise.failure.disabled")
+ sign_out current_spree_user
+ end
 end
 require 'spree/i18n/initializer'
diff --git a/config/locales/en.yml b/config/locales/en.yml
index be5ab9ac9c..a6eb54c63f 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -207,6 +207,9 @@ en:
 signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please open the link to activate your account."
 unknown_error: "Something went wrong while creating your account. Check your email address and try again."
 failure:
+ disabled: |
+ Your account has been disabled.
+ Please contact an adminsitrator to solve this issue.
 invalid: |
 Invalid email or password.
 Were you a guest last time? Perhaps you need to create an account or reset your password.
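Review bot: The added `before_action :check_disabled_user, if: :spree_user_signed_in?` enforces the disabled flag only for controllers that inherit from `ApplicationController`, and only for session-based sign-in. If the app has endpoints that authenticate another way (an API key or token, or a controller with a different base class), a disabled account would presumably still be served there; the diff does not show whether such paths exist. I would add a comment above the callback such as `# Session-only check: token/API authentication must reject disabled users separately`. The diffstat also shows no spec in this commit, so a request spec for a disabled user on each authentication path would pin the behaviour. The class body continues outside the hunk.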
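Review bot: `check_disabled_user` calls `sign_out` but never redirects or renders, so the filter chain is not halted and the requested action still runs, as a signed-out visitor, on the same request. The check also fires only after authentication has succeeded, which is presumably why `flash[:success] = nil` is needed to hide the sign-in message. Rejecting the account inside Devise is tighter: assuming `disabled?` is defined on the Spree user model, override `active_for_authentication?` as `super && !disabled?` and have `inactive_message` return `:disabled`. Devise then refuses the login, drops existing sessions on their next request, and reads the same `devise.failure.disabled` key. If the filter stays, finish it with a redirect and use `flash[:error]` instead of `flash.now[:error]` so the message survives, and log the blocked user id so repeated attempts by a disabled account are visible to operators.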