From b73764d210a453bbfd92b5e91edff36a1ac3a618 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Eric=20Dub=C3=A9?= <7225168+KernelDeimos@users.noreply.github.com>
Date: Sat, 25 Oct 2025 19:27:36 -0400
Subject: [PATCH] more reliable suspended (#1696)
* fix: remove verbose parameters log
* fix: more reliable check for suspended user
---------
Co-authored-by: Nariman Jelveh
---
 src/backend/src/middleware/configurable_auth.js | 11 ++++++++++-
 src/backend/src/modules/puterai/AIChatService.js | 1 -
 2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/src/backend/src/middleware/configurable_auth.js b/src/backend/src/middleware/configurable_auth.js
index f4237d62f..9895f2082 100644
--- a/src/backend/src/middleware/configurable_auth.js
+++ b/src/backend/src/middleware/configurable_auth.js
@@ -120,6 +120,10 @@ const configurable_auth = options => async (req, res, next) => {
 req.token = new_info.token;
 req.user = new_info.user;
 req.actor = new_info.actor;
+
+ if ( req.user?.suspended ) {
+ throw APIError.create('forbidden');
+ }
 res.cookie(config.cookie_name, new_info.token, {
 sameSite: 'none',
@@ -136,7 +140,12 @@ const configurable_auth = options => async (req, res, next) => {
 // === Populate Context ===
 context.set('actor', actor);
- if ( actor.type.user ) context.set('user', actor.type.user);
+ if ( actor.type.user ) {
+ if ( actor.type.user?.suspended ) {
+ throw APIError.create('forbidden');
+ }
+ context.set('user', actor.type.user);
+ }
 // === Populate Request ===
 req.actor = actor;
diff --git a/src/backend/src/modules/puterai/AIChatService.js b/src/backend/src/modules/puterai/AIChatService.js
index 3d3564a45..0bad5e030 100644
--- a/src/backend/src/modules/puterai/AIChatService.js
+++ b/src/backend/src/modules/puterai/AIChatService.js
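Review bot: Both new suspension checks reject with a bare `throw APIError.create('forbidden')` inside the `async (req, res, next)` middleware, and neither hunk shows a surrounding `try`/`catch` or a `next(err)` call; the function body starts and ends outside the hunks, so this needs confirming against the rest of the file. If nothing converts the rejection into a response, a suspended user's request would end as an unhandled promise rejection rather than a clean `forbidden` reply. In the first hunk the check also runs only after `req.token`, `req.user` and `req.actor` have been filled from `new_info`; testing `if ( new_info.user?.suspended ) {` ahead of those three assignments would reject before any request state is populated. The same throw pattern is repeated in the `// === Populate Context ===` hunk.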
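Review bot: The suspension check in the `// === Populate Context ===` hunk only runs when `actor.type.user` is truthy, so an actor whose type does not expose `.user` reaches `req.actor = actor` with no suspension check at all. Whether such actor types can act on behalf of a suspended account is not visible in the hunk; if they can, the owning user has to be resolved and checked on that path too. Inside the guard the optional chaining is redundant, and `if ( actor.type.user.suspended ) {` states the same condition. A one-line comment such as `// Reject suspended users before the request context is populated` would record why the check sits ahead of `context.set('user', ...)`.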
@@ -301,7 +301,6 @@ class AIChatService extends BaseService {
 let { test_mode, intended_service, response_metadata } = client_driver_call;
 const completionId = this.modules.cuid2();
- this.log.noticeme('AIChatService.complete', { intended_service, test_mode });
 const svc_event = this.services.get('event');
 const event = {