3pp-mirror/penpot
1
0
Fork 0
mirror of https://github.com/penpot/penpot.git synced 2025-05-27 19:26:11 +02:00
Code Issues Projects Releases Packages Wiki Activity

🎉 Add the ability to completly block access to a profile

Browse source
This commit is contained in:
Andrey Antukh 2022-09-22 16:48:16 +02:00
parent 37e2fe5c65
commit 757cee67fb
10 changed files with 83 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

28
backend/src/app/rpc/commands/auth.clj
View file

@ -97,15 +97,19 @@
(:valid (verify-password password (:password profile))))
(validate-profile [profile]
(when-not (:is-active profile)
(ex/raise :type :validation
:code :wrong-credentials))
(when-not profile
(ex/raise :type :validation
:code :wrong-credentials))
(when-not (:is-active profile)
(ex/raise :type :validation
:code :wrong-credentials))
(when (:is-blocked profile)
(ex/raise :type :restriction
:code :profile-blocked))
(when-not (check-password profile password)
(ex/raise :type :validation
:code :wrong-credentials))
profile)]
(db/with-atomic [conn pool]
@ -231,15 +235,19 @@
(validate-register-attempt! cfg params)
(let [profile (when-let [profile (profile/retrieve-profile-data-by-email pool (:email params))]
(if (:is-active profile)
(cond
(:is-blocked profile)
(ex/raise :type :restriction
:code :profile-blocked)
(and (not (:is-active profile))
(elapsed-register-retry-threshold? profile))
profile
:else
(ex/raise :type :validation
:code :email-already-exists
:hint "profile already exists and correctly validated")
(if (elapsed-register-retry-threshold? profile)
profile
(ex/raise :type :validation
:code :email-already-exists
:hint "profile already exists"))))
:hint "profile already exists")))
params {:email (:email params)
:password (:password params)