Domain block (#76)

* start work on admin domain blocking

* move stuff around + further work on domain blocks

* move + restructure processor

* prep work for deleting account

* tidy

* go fmt

* formatting

* domain blocking more work

* check domain blocks way earlier on

* progress on delete account

* delete more stuff when an account is gone

* and more...

* domain blocky block block

* get individual domain block, delete a block

1 files changed, 18 insertions, 4 deletions

diff --git a/internal/oauth/util.go b/internal/oauth/util.go
index 378b81450..2520fc784 100644
--- a/internal/oauth/util.go
+++ b/internal/oauth/util.go
@@ -73,14 +73,28 @@ func Authed(c *gin.Context, requireToken bool, requireApp bool, requireUser bool
 	if requireToken && a.Token == nil {
 		return nil, errors.New("token not supplied")
 	}
+
 	if requireApp && a.Application == nil {
 		return nil, errors.New("application not supplied")
 	}
-	if requireUser && a.User == nil {
-		return nil, errors.New("user not supplied")
+
+	if requireUser {
+		if a.User == nil {
+			return nil, errors.New("user not supplied")
+		}
+		if a.User.Disabled || !a.User.Approved {
+			return nil, errors.New("user disabled or not approved")
+		}
 	}
-	if requireAccount && a.Account == nil {
-		return nil, errors.New("account not supplied")
+
+	if requireAccount {
+		if a.Account == nil {
+			return nil, errors.New("account not supplied")
+		}
+		if !a.Account.SuspendedAt.IsZero() {
+			return nil, errors.New("account suspended")
+		}
 	}
+
 	return a, nil
 }