From e9a94d737474b76a8fecb1d5800243b8316bfe3a Mon Sep 17 00:00:00 2001
From: gustavoschaedler
Date: Mon, 14 Aug 2023 22:46:55 +0100
Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20fix(auth.py):=20remove=20unneces?= =?UTF-8?q?sary=20blank=20line=20=F0=9F=90=9B=20fix(auth.py):=20add=20vali?= =?UTF-8?q?dation=20for=20inactive=20users=20and=20users=20waiting=20for?= =?UTF-8?q?=20approval=20in=20authenticate=5Fuser=20function=20=E2=9C=A8?= =?UTF-8?q?=20feat(login.py):=20remove=20unnecessary=20blank=20line?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/backend/langflow/auth/auth.py | 14 +++++++++++---
 src/backend/langflow/routers/login.py | 1 -
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/backend/langflow/auth/auth.py b/src/backend/langflow/auth/auth.py
index 36be8e14a..5c2bf7343 100644
--- a/src/backend/langflow/auth/auth.py
+++ b/src/backend/langflow/auth/auth.py
@@ -34,6 +34,7 @@ async def get_current_user(
 detail="Could not validate credentials",
 headers={"WWW-Authenticate": "Bearer"},
 )
+
 try:
 payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
 user_id: UUID = payload.get("sub") # type: ignore
@@ -121,7 +122,14 @@ def create_refresh_token(refresh_token: str):
 def authenticate_user(
 username: str, password: str, db: Session = Depends(get_session)
 ) -> User | None:
- if user := get_user_by_username(db, username):
- return user if verify_password(password, user.password) else None
- else:
+ user = get_user_by_username(db, username)
+
+ if not user:
 return None
+
+ if not user.is_active:
+ if not user.last_login_at:
+ raise HTTPException(status_code=400, detail="Waiting for approval")
+ raise HTTPException(status_code=400, detail="Inactive user")
+
+ return user if verify_password(password, user.password) else None
diff --git a/src/backend/langflow/routers/login.py b/src/backend/langflow/routers/login.py
index 35fdb9cdb..c7a2c05c4 100644
--- a/src/backend/langflow/routers/login.py
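Review bot: In `authenticate_user`, the new `is_active` / `last_login_at` branch runs before `verify_password`, so a request with a valid username and any password gets "Waiting for approval" or "Inactive user", while an unknown username or a wrong password returns `None`. That difference tells unauthenticated clients which accounts exist and what their approval state is. Verifying the password first limits the status messages to callers who have proved they know the credential: `if not user or not verify_password(password, user.password):` followed by `return None`, then the `is_active` block, then `return user`. Separately, an empty `last_login_at` is used as the signal for "never approved"; an approved account deactivated before its first login would presumably get the wrong message, so a dedicated field or a comment stating that assumption would help.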
+++ b/src/backend/langflow/routers/login.py
@@ -2,7 +2,6 @@
 from sqlalchemy.orm import Session
 from fastapi import APIRouter, Depends, HTTPException, status
 from fastapi.security import OAuth2PasswordRequestForm
-
 from langflow.services.utils import get_session
 from langflow.database.models.token import Token
 from langflow.auth.auth import (