refactor(auth): check if account is pending deletion in doLogin

LumeWeb · Sep 18, 2024 · 16706a4 · 16706a4
1 parent 7633dfa
commit 16706a4
Showing 1 changed file with 10 additions and 1 deletion.
diff --git a/service/auth.go b/service/auth.go
@@ -213,14 +213,23 @@ func (a AuthServiceDefault) doLogin(user *models.User, ip string, bypassSecurity
 		purpose = core.JWTPurpose2FA
 	}
 
+	deletionPending, err := a.user.IsAccountPendingDeletion(user.ID)
+	if err != nil {
+		return "", err
+	}
+
+	if deletionPending {
+		return "", core.NewAccountError(core.ErrKeyAccountPendingDeletion, nil)
+	}
+
 	token, jwtErr := core.JWTGenerateToken(a.config.Config().Core.Domain, a.ctx.Config().Config().Core.Identity.PrivateKey(), user.ID, purpose, rememberMe)
 	if jwtErr != nil {
 		return "", core.NewAccountError(core.ErrKeyJWTGenerationFailed, jwtErr)
 	}
 
 	now := time.Now()
 
-	err := a.user.UpdateAccountInfo(user.ID, map[string]any{"last_login_ip": ip, "last_login": &now})
+	err = a.user.UpdateAccountInfo(user.ID, map[string]any{"last_login_ip": ip, "last_login": &now})
 	if err != nil {
 		return "", err
 	}