1 files changed, 7 insertions, 2 deletions

diff --git a/app/Auth/Database.php b/app/Auth/Database.php
index 2804b9a8..e69f18a9 100644
--- a/app/Auth/Database.php
+++ b/app/Auth/Database.php
@@ -30,9 +30,14 @@ class Database extends Base
      */
     public function authenticate($username, $password)
     {
-        $user = $this->db->table(User::TABLE)->eq('username', $username)->eq('is_ldap_user', 0)->findOne();
+        $user = $this->db
+                    ->table(User::TABLE)
+                    ->eq('username', $username)
+                    ->eq('disable_login_form', 0)
+                    ->eq('is_ldap_user', 0)
+                    ->findOne();
 
-        if ($user && password_verify($password, $user['password'])) {
+        if (is_array($user) && password_verify($password, $user['password'])) {
             $this->userSession->refresh($user);
             $this->container['dispatcher']->dispatch('auth.success', new AuthEvent(self::AUTH_NAME, $user['id']));
             return true;