Add validation for whether the assistive user is activated.

2024-03-06 10:38:20 +08:00 · 2024-03-06 10:38:20 +08:00 · 3549b38ee8
commit 3549b38ee8
parent f5fb888c85
1 changed files with 3 additions and 0 deletions
--- a/app/api/endpoints/login.py
+++ b/app/api/endpoints/login.py
@ -49,6 +49,9 @@ async def login_access_token(
                            is_superuser=False, hashed_password=get_password_hash(token))
                user.create(db)
            else:
+                # 辅助验证用户若未启用，则禁止登录
+                if not user.is_active:
+                    raise HTTPException(status_code=403, detail="用户未启用")
                # 普通用户权限
                user.is_superuser = False
    elif not user.is_active: