This commit is contained in:
@@ -352,6 +352,13 @@ namespace AyaNova.Api.Controllers
|
||||
{
|
||||
//customer type has special rights restrictions for UI features so return them here so client UI can enable or disable
|
||||
var effectiveRights = await UserBiz.CustomerUserEffectiveRightsAsync(u.Id);
|
||||
//A non active Customer or Head Office record's contacts are also not allowed to login
|
||||
if (!effectiveRights.EntityActive)
|
||||
{
|
||||
log.LogInformation($"Customer contact user \"{u.Name}\" attempted login was denied due to inactive parent (Customer or HeadOffice)");
|
||||
await Task.Delay(AyaNova.Util.ServerBootConfig.FAILED_AUTH_DELAY);
|
||||
return StatusCode(401, new ApiErrorResponse(ApiErrorCode.AUTHENTICATION_FAILED));
|
||||
}
|
||||
return Ok(ApiOkResponse.Response(new
|
||||
{
|
||||
token = token,
|
||||
|
||||
Reference in New Issue
Block a user