steve/restic-manager
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases 1 Wiki Activity

http: session/login reject disabled users; mid-session disable kicks immediately

Browse Source
This commit is contained in:
Steve Cliff
2026-05-05 09:22:07 +01:00
parent c75777b60f
commit 56108ffc33
4 changed files with 60 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/server/http/ui_handlers.go
+4
View File
@@ -66,6 +66,10 @@ func (s *Server) sessionUser(r *stdhttp.Request) (*ui.User, error) {
}
return nil, err
}
if u.DisabledAt != nil {
_ = s.deps.Store.DeleteSession(r.Context(), auth.HashToken(c.Value))
return nil, nil
}
return &ui.User{ID: u.ID, Username: u.Username, Role: string(u.Role)}, nil
}