Most simple solution is to override validate_password method of the user class and let it return false when the user is disabled.
Otherwise you can write a Custom Authenticator and setup different auth configuration that uses it to check if the user is enabled. Take a look at http://blog.axant.it/archives/226 for an example authenticator. This sets up an authenticator that fetches the user from mongodb, just write one that fetches the user and then checks if it is available. 2011/12/11 Juan Antonio Ibáñez <[email protected]>: > Hello! > > I'd like to customize TG auth to check both the user/password and > one enabled flag. If the user fill in user/pass correctly but his > account is disabled he must not login in the app. In this case, I'd > like to show him that his account is disabled. > > Which could be the best way to accomplish that? > > Regards > > -- > You received this message because you are subscribed to the Google Groups > "TurboGears" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/turbogears?hl=en. > -- You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/turbogears?hl=en.
