From fe29c62d67b92443198a643a6608e78a867a550f Mon Sep 17 00:00:00 2001
From: Mathijs Kwik <mk@dutchcoastsoftware.com>
Date: Mon, 8 Sep 2008 20:56:38 +0200
Subject: [PATCH] Inactive users can't login anymore. I placed the check for
 this on authenticated? so it can easily be overruled

---
 hobo/lib/hobo/user.rb            | 4 ++--
 hobo/lib/hobo/user_controller.rb | 5 ++++-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/hobo/lib/hobo/user.rb b/hobo/lib/hobo/user.rb
index 7bd18321c..41bde03dd 100644
--- a/hobo/lib/hobo/user.rb
+++ b/hobo/lib/hobo/user.rb
@@ -98,7 +98,7 @@ def encrypt(password, salt)
     end
 
     def account_active?
-      state == 'active'
+      !self.class.has_lifecycle? || !'active'.in?(self.class::Lifecycle.state_names) || state == 'active'
     end
 
     # Encrypts the password with the user salt
@@ -108,7 +108,7 @@ def encrypt(password)
 
     # Check if the encrypted passwords match
     def authenticated?(password)
-      crypted_password == encrypt(password)
+      account_active? && crypted_password == encrypt(password)
     end
 
     # Do we still need to remember the login token, or has it expired?
diff --git a/hobo/lib/hobo/user_controller.rb b/hobo/lib/hobo/user_controller.rb
index 78bf8fd0d..c3e7b988d 100644
--- a/hobo/lib/hobo/user_controller.rb
+++ b/hobo/lib/hobo/user_controller.rb
@@ -88,7 +88,10 @@ def hobo_login(options={})
 
     def hobo_do_signup(&b)
       do_creator_action(:signup) do
-        flash[:notice] = "Thanks for signing up!" if valid?
+        if valid?
+          flash[:notice] = "Thanks for signing up!"
+          flash[:notice] << " You must activate your account before you can log in. Please check your email." unless this.account_active?
+        end
         response_block(&b) or if valid?
                                 self.current_user = this if this.account_active?
                                 redirect_back_or_default(home_page)