Skip to content

fix: Suspended users cannot authenticate #1849

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 18 commits into from
May 31, 2022
Merged

fix: Suspended users cannot authenticate #1849

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
8a2b6c2
fix: Suspended users cannot authenticate
Emyrk May 27, 2022
43dece2
Merge remote-tracking branch 'origin/main' into stevenmasley/suspende…
Emyrk May 27, 2022
87f28a2
Add unit test for log into suspended account
Emyrk May 27, 2022
047c234
Formatting
Emyrk May 27, 2022
d2bc5b8
feat: UI Shows suspended error logging into suspended account
Emyrk May 27, 2022
cc9b573
Merge remote-tracking branch 'origin/main' into stevenmasley/suspende…
Emyrk May 27, 2022
8654dd1
cleanup
Emyrk May 27, 2022
489b2fe
fix: Show suspended users in the UI
Emyrk May 27, 2022
15a9b36
Fix column order
Emyrk May 27, 2022
55c5fe6
Currently "activate" on ui does nothing
Emyrk May 27, 2022
c5f33a5
Linting fixes
Emyrk May 27, 2022
f9a47a9
Account for no status filters sent
Emyrk May 27, 2022
71ba332
Linting fix eslint
Emyrk May 27, 2022
54f44d9
Shfmt
Emyrk May 27, 2022
8dbf464
Fix BE error message
Emyrk May 27, 2022
60ac7e4
Add correct error message
Emyrk May 27, 2022
f738fa2
Merge remote-tracking branch 'origin/main' into stevenmasley/suspende…
Emyrk May 27, 2022
df96f3d
change 'active' route to 'activate'
Emyrk May 31, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Add unit test for log into suspended account
  • Loading branch information
@Emyrk
Emyrk committed May 27, 2022
commit 87f28a24eef33e523c18c290cebb04615a4104bb
8 changes: 8 additions & 0 deletions coderd/users.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -637,6 +637,14 @@ func (api *API) postLogin(rw http.ResponseWriter, r *http.Request) {
return
}

// If the user logged into a suspended account, reject the login request.
if user.Status != database.UserStatusActive {
httpapi.Write(rw, http.StatusUnauthorized, httpapi.Response{
Message: fmt.Sprintf("user is not active (status = %q), contact an admin to reactivate your account", user.Status),
})
return
}

sessionToken, created := api.createAPIKey(rw, r, database.InsertAPIKeyParams{
UserID: user.ID,
LoginType: database.LoginTypePassword,
Expand Down
22 changes: 22 additions & 0 deletions coderd/users_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,28 @@ func TestPostLogin(t *testing.T) {
require.Equal(t, http.StatusUnauthorized, apiErr.StatusCode())
})

t.Run("Suspended", func(t *testing.T) {
t.Parallel()
client := coderdtest.New(t, nil)
first := coderdtest.CreateFirstUser(t, client)

member := coderdtest.CreateAnotherUser(t, client, first.OrganizationID)
memberUser, err := member.User(context.Background(), codersdk.Me)
require.NoError(t, err, "fetch member user")

_, err = client.UpdateUserStatus(context.Background(), memberUser.Username, codersdk.UserStatusSuspended)
require.NoError(t, err, "suspend member")

_, err = client.LoginWithPassword(context.Background(), codersdk.LoginWithPasswordRequest{
Email: memberUser.Email,
Password: "testpass",
})
var apiErr *codersdk.Error
require.ErrorAs(t, err, &apiErr)
require.Equal(t, http.StatusUnauthorized, apiErr.StatusCode())
require.Contains(t, apiErr.Message, "suspended")
})

t.Run("Success", func(t *testing.T) {
t.Parallel()
client := coderdtest.New(t, nil)
Expand Down