From 00b9508d8178bae016b2a25a81282dbe9ae0a9d2 Mon Sep 17 00:00:00 2001
From: Frederic Guillot <fred@kanboard.net>
Date: Sat, 7 Feb 2015 23:28:17 -0500
Subject: Be able to disable the login form for specific users

---
 app/Auth/Database.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'app/Auth/Database.php')

diff --git a/app/Auth/Database.php b/app/Auth/Database.php
index 2804b9a8..e69f18a9 100644
--- a/app/Auth/Database.php
+++ b/app/Auth/Database.php
@@ -30,9 +30,14 @@ class Database extends Base
      */
     public function authenticate($username, $password)
     {
-        $user = $this->db->table(User::TABLE)->eq('username', $username)->eq('is_ldap_user', 0)->findOne();
+        $user = $this->db
+                    ->table(User::TABLE)
+                    ->eq('username', $username)
+                    ->eq('disable_login_form', 0)
+                    ->eq('is_ldap_user', 0)
+                    ->findOne();
 
-        if ($user && password_verify($password, $user['password'])) {
+        if (is_array($user) && password_verify($password, $user['password'])) {
             $this->userSession->refresh($user);
             $this->container['dispatcher']->dispatch('auth.success', new AuthEvent(self::AUTH_NAME, $user['id']));
             return true;
-- 
cgit v1.2.3