Update API Key jwtAuthCheck to check user active status

2026-03-18 22:09:46 +00:00 · 2026-03-18 16:17:45 -05:00 · 2026-03-18 16:17:45 -05:00 · 874e9e1856
commit 874e9e1856
parent 6d3773a0b8
1 changed files with 7 additions and 0 deletions
--- a/server/auth/TokenManager.js
+++ b/server/auth/TokenManager.js
@ -234,6 +234,13 @@ class TokenManager {
      }

      const user = await Database.userModel.getUserById(apiKey.userId)
+
+      if (!user?.isActive) {
+        // deny login
+        done(null, null)
+        return
+      }
+
      done(null, user)
    } else {
      // JWT based authentication