From 3549b38ee8e6bf41d63e73e930d44a4ee35d1799 Mon Sep 17 00:00:00 2001
From: Richard Guan <richard.guan.dev@gmail.com>
Date: Wed, 6 Mar 2024 10:38:20 +0800
Subject: [PATCH] Add validation for whether the assistive user is activated.

---
 app/api/endpoints/login.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/app/api/endpoints/login.py b/app/api/endpoints/login.py
index 958afabf..91027443 100644
--- a/app/api/endpoints/login.py
+++ b/app/api/endpoints/login.py
@@ -49,6 +49,9 @@ async def login_access_token(
                             is_superuser=False, hashed_password=get_password_hash(token))
                 user.create(db)
             else:
+                # 辅助验证用户若未启用，则禁止登录
+                if not user.is_active:
+                    raise HTTPException(status_code=403, detail="用户未启用")
                 # 普通用户权限
                 user.is_superuser = False
     elif not user.is_active: