Fix jwt-token

server/routes/user.js

@@ -407,8 +407,7 @@ async function loginLocal(req, res, next) {
             { username: username },
             { email: username }
           ]
-        },
-        { is_active: true }
+        }
       ]
     };
     
@@ -430,6 +429,14 @@ async function loginLocal(req, res, next) {
       });
     }
 
+    if (!user.is_active) {
+      console.log(`❌ Authentication failed for "${username}" in tenant "${req.tenant?.id}" - Account is inactive`);
+      return res.status(401).json({
+        success: false,
+        message: 'Account is inactive'
+      });
+    }
+
     const passwordMatch = await bcrypt.compare(password, user.password_hash);
 
     if (!passwordMatch) {