Make requests read only when account disabled

2025-06-28 00:08:23 -04:00
parent d832734f0d
commit e90570e2ae


@@ -37,6 +37,12 @@ func UserSession(authService *authz.Service) gin.HandlerFunc {
return
}
// If the request is not GET and disabled, deny it
if ctx.Request.Method != "GET" && !user.Active {
ctx.JSON(http.StatusForbidden, gin.H{"error": "User is disabled"})
ctx.Abort()
}
// Get user session
userSession, err := authService.GetUserAuthProfile(ctx, sessionId)
if err != nil {
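Review bot: The new disabled-account branch calls `ctx.Abort()` without returning, so the handler runs on into the `authService.GetUserAuthProfile` lookup below, whereas the branch just above it ends in `return`. Abort only stops later handlers in the chain; the rest of this function still executes for a disabled user, and any response it writes would follow the 403 body. Replacing the two calls with `ctx.AbortWithStatusJSON(http.StatusForbidden, gin.H{"error": "User is disabled"})` followed by `return` closes that gap. The `!= "GET"` test also rejects HEAD and OPTIONS and assumes every GET route is free of side effects, which is worth confirming against the router; `http.MethodGet` would be clearer than the string literal. The body of UserSession starts and ends outside the hunk, so what follows the error check is not visible here.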