added disabled flag to account

controller/resetPassword.go

@@ -47,6 +47,10 @@ func (handler *resetPasswordHandler) Handle(params account.ResetPasswordParams)
 		logrus.Errorf("account '%v' for '%v' deleted", a.Email, a.Token)
 		return account.NewResetPasswordNotFound()
 	}
+	if a.Disabled {
+		logrus.Errorf("account '%v' for '%v' disabled", a.Email, a.Token)
+		return account.NewResetPasswordNotFound()
+	}
 
 	if err := validatePassword(handler.cfg, params.Body.Password); err != nil {
 		logrus.Errorf("password not valid for request '%v', (%v): %v", params.Body.Token, a.Email, err)

controller/resetToken.go

@@ -37,6 +37,10 @@ func (handler *resetTokenHandler) Handle(params account.ResetTokenParams, princi
 		logrus.Errorf("account '%v' for '%v' deleted", a.Email, a.Token)
 		return account.NewResetTokenNotFound()
 	}
+	if a.Disabled {
+		logrus.Errorf("account '%v' for '%v' disabled", a.Email, a.Token)
+		return account.NewResetTokenNotFound()
+	}
 
 	// Need to create new token and invalidate all other resources
 	token, err := CreateToken()

controller/store/account.go

@@ -13,6 +13,7 @@ type Account struct {
 	Token     string
 	Limitless bool
 	Deleted   bool
+	Disabled  bool
 }
 
 func (str *Store) CreateAccount(a *Account, tx *sqlx.Tx) (int, error) {
@@ -37,7 +38,7 @@ func (str *Store) GetAccount(id int, tx *sqlx.Tx) (*Account, error) {
 
 func (str *Store) FindAccountWithEmail(email string, tx *sqlx.Tx) (*Account, error) {
 	a := &Account{}
-	if err := tx.QueryRowx("select * from accounts where email = lower($1) and not deleted", email).StructScan(a); err != nil {
+	if err := tx.QueryRowx("select * from accounts where email = lower($1) and not deleted and not disabled", email).StructScan(a); err != nil {
 		return nil, errors.Wrap(err, "error selecting account by email")
 	}
 	return a, nil
@@ -53,7 +54,7 @@ func (str *Store) FindAccountWithEmailAndDeleted(email string, tx *sqlx.Tx) (*Ac
 
 func (str *Store) FindAccountWithToken(token string, tx *sqlx.Tx) (*Account, error) {
 	a := &Account{}
-	if err := tx.QueryRowx("select * from accounts where token = $1 and not deleted", token).StructScan(a); err != nil {
+	if err := tx.QueryRowx("select * from accounts where token = $1 and not deleted and not disabled", token).StructScan(a); err != nil {
 		return nil, errors.Wrap(err, "error selecting account by token")
 	}
 	return a, nil

controller/store/sql/postgresql/019_v0_4_24_account_disable.sql

@@ -0,0 +1,3 @@
+-- +migrate Up
+
+ALTER TABLE accounts ADD COLUMN disabled BOOLEAN NOT NULL DEFAULT(false);

controller/store/sql/sqlite3/019_v0_4_23_account_disable.sql

@@ -0,0 +1,3 @@
+-- +migrate Up
+
+ALTER TABLE accounts ADD COLUMN disabled BOOLEAN NOT NULL DEFAULT(false);