mod_c2s: Disconnect accounts when they are disabled

We decided that at the first stage, accounts that are disabled should simply be prevented from authenticating, thus they should also be prevented from having connected sessions. Since this is aimed to be a moderation action for cases of abuse, they shouldn't be allowed to continue being connected.
author: Kim Alvefur <zash@zash.se> 2023-02-23 16:28:57 +0100
committer: Kim Alvefur <zash@zash.se> 2023-02-23 16:28:57 +0100
commit: 893dce647b177d05b18f01ec8e31854ed15ebb7c (patch)
tree: b95ad745a24836b0ad33a3e82fdb51aba1aa404b
parent: bb65a83696d7afb320bddbd38ef8480c0e3f5a6a (diff)
download: prosody-893dce647b177d05b18f01ec8e31854ed15ebb7c.tar.gz
prosody-893dce647b177d05b18f01ec8e31854ed15ebb7c.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/plugins/mod_c2s.lua b/plugins/mod_c2s.lua
index 9af463b6..cd214ff8 100644
--- a/plugins/mod_c2s.lua
+++ b/plugins/mod_c2s.lua
@@ -266,6 +266,7 @@ end
 module:hook_global("user-password-changed", disconnect_user_sessions({ condition = "reset", text = "Password changed" }, true), 200);
 module:hook_global("user-role-changed", disconnect_user_sessions({ condition = "reset", text = "Role changed" }), 200);
 module:hook_global("user-deleted", disconnect_user_sessions({ condition = "not-authorized", text = "Account deleted" }), 200);
+module:hook_global("user-disabled", disconnect_user_sessions({ condition = "not-authorized", text = "Account disabled" }), 200);
 
 module:hook_global("c2s-session-updated", function (event)
 	sessions[event.session.conn] = event.session;
author	Kim Alvefur <zash@zash.se>	2023-02-23 16:28:57 +0100
committer	Kim Alvefur <zash@zash.se>	2023-02-23 16:28:57 +0100
commit	893dce647b177d05b18f01ec8e31854ed15ebb7c (patch)
tree	b95ad745a24836b0ad33a3e82fdb51aba1aa404b
parent	bb65a83696d7afb320bddbd38ef8480c0e3f5a6a (diff)
download	prosody-893dce647b177d05b18f01ec8e31854ed15ebb7c.tar.gz prosody-893dce647b177d05b18f01ec8e31854ed15ebb7c.zip