ember/continuwuity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

fix: Correctly return M_USER_LOCKED during login

Browse source
This commit is contained in:
timedout 2026-01-06 21:47:58 +00:00
parent 37574ef5cc
commit 88a35e139d
No known key found for this signature in database
GPG key ID: 0FA334385D0B689F
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/api/client/session.rs
View file

@ -13,6 +13,7 @@ use futures::StreamExt;
use ruma::{
OwnedUserId, UserId,
api::client::{
error::ErrorKind,
session::{
get_login_token,
get_login_types::{
@ -185,6 +186,10 @@ pub(crate) async fn handle_login(
return Err!(Request(Unknown("User ID does not belong to this homeserver")));
}
if services.users.is_locked(&user_id)? {
return Err(Error::BadRequest(ErrorKind::UserLocked, "This account has been locked."));
}
if services.users.is_login_disabled(&user_id).await {
warn!(%user_id, "user attempted to log in with a login-disabled account");
return Err!(Request(Forbidden("This account is not permitted to log in.")));