From eeec3e9ab1769812daeb8824ce70929acacf52dd Mon Sep 17 00:00:00 2001
From: Drew DeVault
Date: Sun, 12 Apr 2020 13:53:18 -0400
Subject: [PATCH] api/auth: don't authorize suspended accounts

---
 graphql/auth/auth.go | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/graphql/auth/auth.go b/graphql/auth/auth.go
index c7abd3b..586cec6 100644
--- a/graphql/auth/auth.go
+++ b/graphql/auth/auth.go
@@ -7,6 +7,7 @@ import (
 "encoding/hex"
 "encoding/json"
 "errors"
+ "fmt"
 "net/http"
 "regexp"
 "strings"
@@ -171,6 +172,12 @@ Expected 'Authentication: Bearer '`, http.StatusForbidden)
 return
 }
+ if user.UserType == USER_SUSPENDED {
+ authError(w, fmt.Sprintf("Account suspended with the following notice: %s\nContact support",
+ user.SuspensionNotice), http.StatusForbidden)
+ return
+ }
+
 ctx := context.WithValue(r.Context(), userCtxKey, &user)
 r = r.WithContext(ctx)
-- 
2.38.4
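Review bot: The new suspension check formats `user.SuspensionNotice` with `%s`, but the field's type is not visible in this hunk. If it maps a nullable column to `*string` or `sql.NullString`, the 403 body would carry a pointer address or a struct dump instead of the notice, so confirm the type and dereference behind a nil guard if needed. The check also only works if `user.UserType` reflects current account state on every request. The user lookup sits above the hunk, so verify it is not served from a token-keyed cache, which would let a suspended account keep authenticating until the entry expires. A short comment such as `// Suspended accounts still hold valid tokens; reject before the user is placed in the request context.` would record why the check must stay ahead of `context.WithValue`. The enclosing handler starts and ends outside the hunk.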