From 1d2de248ee9bf37d5e134584890341ef536e8514 Mon Sep 17 00:00:00 2001 From: Jeffrey Hardy Date: Tue, 24 Sep 2024 15:51:38 -0400 Subject: [PATCH] Only active users can authenticate --- app/controllers/sessions_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index b50f0b23e..3c18b47ed 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -6,7 +6,7 @@ class SessionsController < ApplicationController end def create - if user = User.authenticate_by(params.permit(:email_address, :password)) + if user = User.active.authenticate_by(params.permit(:email_address, :password)) start_new_session_for user redirect_to after_authentication_url else