more reliable suspended (#1696)

* fix: remove verbose parameters log * fix: more reliable check for suspended user --------- Co-authored-by: Nariman Jelveh <nj@puter.com>
2026-05-04 16:40:41 +00:00 · 2025-10-25 19:27:36 -04:00
parent 6edb2a30e7
commit b73764d210
2 changed files with 10 additions and 2 deletions
@@ -120,6 +120,10 @@ const configurable_auth = options => async (req, res, next) => {
            req.token = new_info.token;
            req.user = new_info.user;
            req.actor = new_info.actor;
+            
+            if ( req.user?.suspended ) {
+                throw APIError.create('forbidden');
+            }

            res.cookie(config.cookie_name, new_info.token, {
                sameSite: 'none',
@@ -136,7 +140,12 @@ const configurable_auth = options => async (req, res, next) => {

    // === Populate Context ===
    context.set('actor', actor);
-    if ( actor.type.user ) context.set('user', actor.type.user);
+    if ( actor.type.user ) {
+        if ( actor.type.user?.suspended ) {
+            throw APIError.create('forbidden');
+        }
+        context.set('user', actor.type.user);
+    }

    // === Populate Request ===
    req.actor = actor;
@@ -301,7 +301,6 @@ class AIChatService extends BaseService {
                let { test_mode, intended_service, response_metadata } = client_driver_call;

                const completionId = this.modules.cuid2();
-
                this.log.noticeme('AIChatService.complete', { intended_service, test_mode });
                const svc_event = this.services.get('event');
                const event = {