add is_deactivated

2026-01-15 10:17:15 +07:00 · 2026-01-15 10:17:15 +07:00 · bb80b8a419
commit bb80b8a419
parent a8976723b2
3 changed files with 26 additions and 0 deletions
--- a/Backend/prisma/schema.prisma
+++ b/Backend/prisma/schema.prisma
@ -34,6 +34,7 @@ model User {
  password          String    @db.VarChar(255)
  role_id           Int
  email_verified_at DateTime?
+  is_deactivated    Boolean   @default(false)
  created_at        DateTime  @default(now())
  updated_at        DateTime? @updatedAt

--- a/Backend/src/services/auth.service.ts
+++ b/Backend/src/services/auth.service.ts
@ -37,6 +37,12 @@ export class AuthService {
            throw new UnauthorizedError('Invalid email or password');
        }

+        // Check if account is deactivated
+        if (user.is_deactivated) {
+            logger.warn('Login attempt with deactivated account', { email, userId: user.id });
+            throw new ForbiddenError('This account has been deactivated');
+        }
+
        // Verify password
        const isPasswordValid = await bcrypt.compare(password, user.password);
        if (!isPasswordValid) {
--- a/Backend/src/services/user.service.ts
+++ b/Backend/src/services/user.service.ts
@ -32,6 +32,12 @@ export class UserService {

            if (!user) throw new UnauthorizedError("User not found");

+            // Check if account is deactivated
+            if (user.is_deactivated) {
+                logger.warn('Profile access attempt with deactivated account', { userId: user.id });
+                throw new ForbiddenError('This account has been deactivated');
+            }
+
            return {
                id: user.id,
                username: user.username,
@ -76,6 +82,12 @@ export class UserService {
            const user = await prisma.user.findUnique({ where: { id: decoded.id } });
            if (!user) throw new UnauthorizedError('User not found');

+            // Check if account is deactivated
+            if (user.is_deactivated) {
+                logger.warn('Password change attempt with deactivated account', { userId: user.id });
+                throw new ForbiddenError('This account has been deactivated');
+            }
+
            // Verify old password
            const isPasswordValid = await bcrypt.compare(oldPassword, user.password);
            if (!isPasswordValid) throw new UnauthorizedError('Invalid old password');
@ -119,6 +131,12 @@ export class UserService {
            const user = await prisma.user.findUnique({ where: { id: decoded.id } });
            if (!user) throw new UnauthorizedError('User not found');

+            // Check if account is deactivated
+            if (user.is_deactivated) {
+                logger.warn('Profile update attempt with deactivated account', { userId: user.id });
+                throw new ForbiddenError('This account has been deactivated');
+            }
+
            // Update profile
            const updatedProfile = await prisma.userProfile.update({
                where: { user_id: user.id },
@ -153,6 +171,7 @@ export class UserService {
        }
    }

+
    /**
         * Format user response
         */