add is_deactivated

JakkrapartXD 2026-01-15 10:17:15 +07:00
parent a8976723b2
commit bb80b8a419
3 changed files with 26 additions and 0 deletions


@ -34,6 +34,7 @@ model User {
password String @db.VarChar(255) password String @db.VarChar(255)
role_id Int role_id Int
email_verified_at DateTime? email_verified_at DateTime?
is_deactivated Boolean @default(false)
created_at DateTime @default(now()) created_at DateTime @default(now())
updated_at DateTime? @updatedAt updated_at DateTime? @updatedAt


@ -37,6 +37,12 @@ export class AuthService {
throw new UnauthorizedError('Invalid email or password'); throw new UnauthorizedError('Invalid email or password');
} }
// Check if account is deactivated
if (user.is_deactivated) {
logger.warn('Login attempt with deactivated account', { email, userId: user.id });
throw new ForbiddenError('This account has been deactivated');
}
// Verify password // Verify password
const isPasswordValid = await bcrypt.compare(password, user.password); const isPasswordValid = await bcrypt.compare(password, user.password);
if (!isPasswordValid) { if (!isPasswordValid) {
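Review bot: The deactivation check sits above `bcrypt.compare`, so a request with a known email and any password gets `ForbiddenError('This account has been deactivated')` instead of the generic `Invalid email or password`, which discloses that the account exists and what state it is in to a caller who has not proven the password. Moving the whole `if (user.is_deactivated) { ... }` block to just after the `isPasswordValid` check has passed keeps the generic error for everyone else, and keeps bcrypt running on that path so response time does not single out deactivated accounts. The warning also logs `email` next to `userId`; `{ userId: user.id }` alone is enough to correlate and keeps the address out of the log stream. The login method starts and ends outside this hunk.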


@ -32,6 +32,12 @@ export class UserService {
if (!user) throw new UnauthorizedError("User not found"); if (!user) throw new UnauthorizedError("User not found");
// Check if account is deactivated
if (user.is_deactivated) {
logger.warn('Profile access attempt with deactivated account', { userId: user.id });
throw new ForbiddenError('This account has been deactivated');
}
return { return {
id: user.id, id: user.id,
username: user.username, username: user.username,
@ -76,6 +82,12 @@ export class UserService {
const user = await prisma.user.findUnique({ where: { id: decoded.id } }); const user = await prisma.user.findUnique({ where: { id: decoded.id } });
if (!user) throw new UnauthorizedError('User not found'); if (!user) throw new UnauthorizedError('User not found');
// Check if account is deactivated
if (user.is_deactivated) {
logger.warn('Password change attempt with deactivated account', { userId: user.id });
throw new ForbiddenError('This account has been deactivated');
}
// Verify old password // Verify old password
const isPasswordValid = await bcrypt.compare(oldPassword, user.password); const isPasswordValid = await bcrypt.compare(oldPassword, user.password);
if (!isPasswordValid) throw new UnauthorizedError('Invalid old password'); if (!isPasswordValid) throw new UnauthorizedError('Invalid old password');
@ -119,6 +131,12 @@ export class UserService {
const user = await prisma.user.findUnique({ where: { id: decoded.id } }); const user = await prisma.user.findUnique({ where: { id: decoded.id } });
if (!user) throw new UnauthorizedError('User not found'); if (!user) throw new UnauthorizedError('User not found');
// Check if account is deactivated
if (user.is_deactivated) {
logger.warn('Profile update attempt with deactivated account', { userId: user.id });
throw new ForbiddenError('This account has been deactivated');
}
// Update profile // Update profile
const updatedProfile = await prisma.userProfile.update({ const updatedProfile = await prisma.userProfile.update({
where: { user_id: user.id }, where: { user_id: user.id },
@ -153,6 +171,7 @@ export class UserService {
} }
} }
/** /**
* Format user response * Format user response
*/ */
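Review bot: The same guard is pasted into three UserService methods (the hunks at old lines 32, 76 and 119), so it only protects the paths that were edited by hand. Each of these methods resolves the user from an already-decoded token, so a token issued before deactivation presumably still works on any other token-authenticated route that is not part of this commit. One shared helper, for example `assertActive(user, action)` wrapping `if (user.is_deactivated) { logger.warn(...); throw new ForbiddenError('This account has been deactivated'); }`, called from the common authentication step would cover every route and keep the message and log format in one place. It is also worth confirming whether existing tokens are revoked or refused on refresh when the flag is set. All three methods begin and end outside their hunks.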