diff --git a/pkg/internal/models/accounts.go b/pkg/internal/models/accounts.go index b58bc3f..cefd894 100644 --- a/pkg/internal/models/accounts.go +++ b/pkg/internal/models/accounts.go @@ -18,6 +18,7 @@ type Account struct { Avatar *uint `json:"avatar"` Banner *uint `json:"banner"` ConfirmedAt *time.Time `json:"confirmed_at"` + SuspendedAt *time.Time `json:"suspended_at"` PermNodes datatypes.JSONMap `json:"perm_nodes"` Profile AccountProfile `json:"profile"` diff --git a/pkg/internal/server/admin/permissions_api.go b/pkg/internal/server/admin/permissions_api.go index 192c684..2ec752c 100644 --- a/pkg/internal/server/admin/permissions_api.go +++ b/pkg/internal/server/admin/permissions_api.go @@ -2,6 +2,7 @@ package admin import ( "fmt" + "git.solsynth.dev/hydrogen/passport/pkg/internal/database" "git.solsynth.dev/hydrogen/passport/pkg/internal/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/server/exts" @@ -33,6 +34,8 @@ func editUserPermission(c *fiber.Ctx) error { prev := user.PermNodes user.PermNodes = data.PermNodes + services.InvalidAuthCacheWithUser(user.ID) + if err := database.C.Save(&user).Error; err != nil { return fiber.NewError(fiber.StatusInternalServerError, err.Error()) } else { diff --git a/pkg/internal/server/api/auth_api.go b/pkg/internal/server/api/auth_api.go index bb8af6a..13f4f13 100644 --- a/pkg/internal/server/api/auth_api.go +++ b/pkg/internal/server/api/auth_api.go @@ -2,9 +2,10 @@ package api import ( "fmt" - "git.solsynth.dev/hydrogen/passport/pkg/internal/server/exts" "time" + "git.solsynth.dev/hydrogen/passport/pkg/internal/server/exts" + "github.com/gofiber/fiber/v2" "git.solsynth.dev/hydrogen/passport/pkg/internal/services" @@ -39,6 +40,8 @@ func doAuthenticate(c *fiber.Ctx) error { return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("account was not found: %v", err.Error())) } else if user.ConfirmedAt == nil { return fiber.NewError(fiber.StatusForbidden, "account was not confirmed") + } else if user.SuspendedAt == nil { + return fiber.NewError(fiber.StatusForbidden, "account was suspended") } ticket, err := services.NewTicket(user, c.IP(), c.Get(fiber.HeaderUserAgent))