X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fmongooseim%2Fmongoose_im_controller.ex;h=744cf5227e02a5e648a5e403f4ffd753d285a3d4;hb=a626cb682cc8fd6cad91484db064ed22646960af;hp=358600e7d1ff34c0bc308fb80f4c831b6e10a459;hpb=e73cc742b92ff957c234f395035ade9948088bf0;p=akkoma
diff --git a/lib/pleroma/web/mongooseim/mongoose_im_controller.ex b/lib/pleroma/web/mongooseim/mongoose_im_controller.ex
index 358600e7d..744cf5227 100644
--- a/lib/pleroma/web/mongooseim/mongoose_im_controller.ex
+++ b/lib/pleroma/web/mongooseim/mongoose_im_controller.ex
@@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2019 Pleroma Authors
+# Copyright © 2017-2020 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.MongooseIM.MongooseIMController do
@@ -26,21 +26,36 @@ defmodule Pleroma.Web.MongooseIM.MongooseIMController do
end
def check_password(conn, %{"user" => username, "pass" => password}) do
- with %User{password_hash: password_hash} <-
- Repo.get_by(User, nickname: username, local: true),
- true <- Pbkdf2.checkpw(password, password_hash) do
- conn
- |> json(true)
- else
- false ->
+ user = Repo.get_by(User, nickname: username, local: true)
+
+ case User.account_status(user) do
+ :deactivated ->
conn
- |> put_status(:forbidden)
+ |> put_status(:not_found)
|> json(false)
- _ ->
+ :confirmation_pending ->
conn
|> put_status(:not_found)
|> json(false)
+
+ _ ->
+ with %User{password_hash: password_hash} <-
+ user,
+ true <- Pbkdf2.checkpw(password, password_hash) do
+ conn
+ |> json(true)
+ else
+ false ->
+ conn
+ |> put_status(:forbidden)
+ |> json(false)
+
+ _ ->
+ conn
+ |> put_status(:not_found)
+ |> json(false)
+ end
end
end
end