From c1112968ff6884ead2e298cc59fca3ad2276188a Mon Sep 17 00:00:00 2001
From: Alexander Borg <borg@servernet.se>
Date: Tue, 16 Sep 2025 08:22:13 +0200
Subject: [PATCH] Fix jwt-token

---
 server/routes/user.js | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/server/routes/user.js b/server/routes/user.js
index 0a0af12..b578443 100644
--- a/server/routes/user.js
+++ b/server/routes/user.js
@@ -407,8 +407,7 @@ async function loginLocal(req, res, next) {
             { username: username },
             { email: username }
           ]
-        },
-        { is_active: true }
+        }
       ]
     };
     
@@ -430,6 +429,14 @@ async function loginLocal(req, res, next) {
       });
     }
 
+    if (!user.is_active) {
+      console.log(`❌ Authentication failed for "${username}" in tenant "${req.tenant?.id}" - Account is inactive`);
+      return res.status(401).json({
+        success: false,
+        message: 'Account is inactive'
+      });
+    }
+
     const passwordMatch = await bcrypt.compare(password, user.password_hash);
 
     if (!passwordMatch) {