From 939b5c52f73d70756017dd0afab976b1e9c2a28b Mon Sep 17 00:00:00 2001
From: Kana <7425261+Pitu@users.noreply.github.com>
Date: Fri, 16 Feb 2018 23:50:23 -0300
Subject: [PATCH] In theory this will enable us to disable users and not break already running instances
---
 controllers/authController.js | 7 ++++++-
 controllers/uploadController.js | 4 ++++
 2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/controllers/authController.js b/controllers/authController.js
index 95a151e..ea32275 100644
--- a/controllers/authController.js
+++ b/controllers/authController.js
@@ -15,6 +15,10 @@ authController.verify = async (req, res, next) => {
 const user = await db.table('users').where('username', username).first();
 if (!user) return res.json({ success: false, description: 'Username doesn\'t exist' });
+ if (user.enabled === false || user.enabled === 0) return res.json({
+ success: false,
+ description: 'This account has been disabled'
+ });
 bcrypt.compare(password, user.password, (err, result) => {
 if (err) {
@@ -56,7 +60,8 @@ authController.register = async (req, res, next) => {
 await db.table('users').insert({
 username: username,
 password: hash,
- token: token
+ token: token,
+ enabled: 1
 });
 return res.json({ success: true, token: token })
 });
diff --git a/controllers/uploadController.js b/controllers/uploadController.js
index 9f10c8c..386ee02 100644
--- a/controllers/uploadController.js
+++ b/controllers/uploadController.js
@@ -39,6 +39,10 @@ uploadsController.upload = async (req, res, next) => {
 const token = req.headers.token || '';
 const user = await db.table('users').where('token', token).first();
+ if (user.enabled === false || user.enabled === 0) return res.json({
+ success: false,
+ description: 'This account has been disabled'
+ });
 const albumid = req.headers.albumid || req.params.albumid;
 if (albumid && user) {
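Review bot: The added `user.enabled` check in `authController.verify` runs before `bcrypt.compare`, so the 'This account has been disabled' response goes to any caller who supplies the username, without proof of the password. Moving the check into the compare callback after a successful match, or returning the same failure as a wrong password, keeps account state from being disclosed to unauthenticated clients. The check also only blocks new logins: a token issued earlier stays usable on any token-authenticated route that does not test `enabled` itself, so the test is better placed in one shared authorization helper (those routes are not visible in this diff). The body of `verify` starts and ends outside the hunk.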
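Review bot: `enabled: 1` in the `users` insert of `authController.register` assumes the table already has an `enabled` column, and this commit changes only the two controllers, so no schema change is visible here. On an instance whose database predates the column the insert would presumably fail and registration would stop working, which is the opposite of what the commit message intends; confirm the column is added before this code runs. A comment above the field such as `// 1 = active; an account is disabled by setting this to 0` would also document the convention the two new checks depend on. The `register` body starts and ends outside the hunk.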
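Review bot: The added check in `uploadsController.upload` dereferences `user.enabled` without testing `user`, yet the lookup by token yields no row when the `token` header is missing or unknown (the `if (albumid && user)` line just below allows for that case). Such a request now throws a TypeError inside the async handler instead of being processed or rejected cleanly. Guard the access: `if (user && (user.enabled === false || user.enabled === 0)) return res.json({`. The rest of `upload` is outside the hunk, so whether a rejected promise from this handler is caught anywhere is not visible here.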