fix: disabled user login from login via link feature (#26134)

* fix(ui): button color for login via link template

- blue > black

* fix: restrict login via link for disabled users

* fix: validate user on session.resume

frappe/sessions.py

@@ -210,8 +210,16 @@ class Session:
 
 		else:
 			if self.user:
+				self.validate_user()
 				self.start()
 
+	def validate_user(self):
+		if not frappe.get_cached_value("User", self.user, "enabled"):
+			frappe.throw(
+				_("User {0} is disabled. Please contact your System Manager.").format(self.user),
+				frappe.ValidationError,
+			)
+
 	def start(self):
 		"""start a new session"""
 		# generate sid
@@ -282,6 +290,7 @@ class Session:
 		if data:
 			self.data.update({"data": data, "user": data.user, "sid": self.sid})
 			self.user = data.user
+			self.validate_user()
 			validate_ip_address(self.user)
 		else:
 			self.start_as_guest()

frappe/templates/emails/login_with_email_link.html

@@ -23,11 +23,9 @@
 		</tr>
 		<tr>
 			<td align="center">
-				<div class="btn btn-primary" style="margin-top: 30px;">
-					<a href="{{ link or '#'}}" style="color: #fff; text-decoration: none;">
-						{{ _('Log In To {0}').format(app_name) }}
-					</a>
-				</div>
+				<a href="{{ link or '#'}}" class="btn btn-primary" style="background-color: #171717; text-decoration: none; margin-top: 30px;">
+					{{ _('Log In To {0}').format(app_name) }}
+				</a>
 			</td>
 		</tr>
 	</tbody>
@@ -38,4 +36,4 @@
 	<div class="body-content">
 		{{ table(table(body(), 'email-body'), 'email-container') }}
 	</div>
-</div>
+</div>

frappe/www/login.py

@@ -167,7 +167,6 @@ def login_via_key(key: str):
 
 	if email:
 		frappe.cache.delete_value(cache_key)
-
 		frappe.local.login_manager.login_as(email)
 
 		redirect_post_login(