From a73e65581dfc8b589311fe9d2d592467f30a5046 Mon Sep 17 00:00:00 2001 From: Rutwik Hiwalkar Date: Wed, 24 Apr 2024 15:49:17 +0530 Subject: [PATCH] fix: disabled user login from login via link feature (#26134) * fix(ui): button color for login via link template - blue > black * fix: restrict login via link for disabled users * fix: validate user on session.resume --- frappe/sessions.py | 9 +++++++++ frappe/templates/emails/login_with_email_link.html | 10 ++++------ frappe/www/login.py | 1 - 3 files changed, 13 insertions(+), 7 deletions(-) diff --git a/frappe/sessions.py b/frappe/sessions.py index 15b0447d25..9f0a5a0b25 100644 --- a/frappe/sessions.py +++ b/frappe/sessions.py @@ -210,8 +210,16 @@ class Session: else: if self.user: + self.validate_user() self.start() + def validate_user(self): + if not frappe.get_cached_value("User", self.user, "enabled"): + frappe.throw( + _("User {0} is disabled. Please contact your System Manager.").format(self.user), + frappe.ValidationError, + ) + def start(self): """start a new session""" # generate sid @@ -282,6 +290,7 @@ class Session: if data: self.data.update({"data": data, "user": data.user, "sid": self.sid}) self.user = data.user + self.validate_user() validate_ip_address(self.user) else: self.start_as_guest() diff --git a/frappe/templates/emails/login_with_email_link.html b/frappe/templates/emails/login_with_email_link.html index 144869e2e6..6badd5c89d 100644 --- a/frappe/templates/emails/login_with_email_link.html +++ b/frappe/templates/emails/login_with_email_link.html @@ -23,11 +23,9 @@ -
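Review bot: `validate_user()` is added without a docstring, and it reads `enabled` through `frappe.get_cached_value`, so this login gate is only as fresh as the cached User document. I would state that assumption on the method, e.g. `"""Throw if self.user is disabled; relies on the User cache being cleared when enabled changes."""`. If any path can change `enabled` without invalidating that cache (not visible in this patch), a disabled account would keep passing the check, both here on the start path and on the resume path in the second sessions.py hunk. The enclosing `__init__` body starts outside the hunk.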
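Review bot: On the resume path `self.validate_user()` raises only after `self.data` and `self.user` have been filled from the stored session, and nothing in this hunk removes that stored session. Unless sessions are cleared elsewhere when a user is disabled (not visible here), the old sid stays in the store and would resume normally again once the account is re-enabled. I would run the check on `data.user` before the assignments and drop the session when it fails, e.g. `delete_session(self.sid)` ahead of the throw, or fall through to the existing `self.start_as_guest()` branch if the error message is not needed. The body of `resume` starts outside the hunk, so how `data` is loaded could not be checked.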
- - {{ _('Log In To {0}').format(app_name) }} - -
+ + {{ _('Log In To {0}').format(app_name) }} + @@ -38,4 +36,4 @@
{{ table(table(body(), 'email-body'), 'email-container') }}
- \ No newline at end of file + diff --git a/frappe/www/login.py b/frappe/www/login.py index c988efd2f4..a1bf04bf06 100644 --- a/frappe/www/login.py +++ b/frappe/www/login.py @@ -167,7 +167,6 @@ def login_via_key(key: str): if email: frappe.cache.delete_value(cache_key) - frappe.local.login_manager.login_as(email) redirect_post_login(