From 96b75424efaef98e5da912c68f4ad63a51855e77 Mon Sep 17 00:00:00 2001
From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com>
Date: Fri, 3 May 2024 13:41:21 +0000
Subject: [PATCH] fix: disabled user login from login via link feature (#26134)
 (#26140)

* fix(ui): button color for login via link template

- blue > black

* fix: restrict login via link for disabled users

* fix: validate user on session.resume

(cherry picked from commit a73e65581dfc8b589311fe9d2d592467f30a5046)

# Conflicts:
#	frappe/www/login.py

Co-authored-by: Rutwik Hiwalkar <rutwikhdev@gmail.com>
---
 frappe/sessions.py                                 |  9 +++++++++
 frappe/templates/emails/login_with_email_link.html | 10 ++++------
 frappe/www/login.py                                |  1 -
 3 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/frappe/sessions.py b/frappe/sessions.py
index 65bc6d79bd7..40cbdbe9738 100644
--- a/frappe/sessions.py
+++ b/frappe/sessions.py
@@ -223,8 +223,16 @@ def __init__(self, user, resume=False, full_name=None, user_type=None):
 
 		else:
 			if self.user:
+				self.validate_user()
 				self.start()
 
+	def validate_user(self):
+		if not frappe.get_cached_value("User", self.user, "enabled"):
+			frappe.throw(
+				_("User {0} is disabled. Please contact your System Manager.").format(self.user),
+				frappe.ValidationError,
+			)
+
 	def start(self):
 		"""start a new session"""
 		# generate sid
@@ -295,6 +303,7 @@ def resume(self):
 		if data:
 			self.data.update({"data": data, "user": data.user, "sid": self.sid})
 			self.user = data.user
+			self.validate_user()
 			validate_ip_address(self.user)
 			self.device = data.device
 		else:
diff --git a/frappe/templates/emails/login_with_email_link.html b/frappe/templates/emails/login_with_email_link.html
index 144869e2e67..6badd5c89d0 100644
--- a/frappe/templates/emails/login_with_email_link.html
+++ b/frappe/templates/emails/login_with_email_link.html
@@ -23,11 +23,9 @@
 		</tr>
 		<tr>
 			<td align="center">
-				<div class="btn btn-primary" style="margin-top: 30px;">
-					<a href="{{ link or '#'}}" style="color: #fff; text-decoration: none;">
-						{{ _('Log In To {0}').format(app_name) }}
-					</a>
-				</div>
+				<a href="{{ link or '#'}}" class="btn btn-primary" style="background-color: #171717; text-decoration: none; margin-top: 30px;">
+					{{ _('Log In To {0}').format(app_name) }}
+				</a>
 			</td>
 		</tr>
 	</tbody>
@@ -38,4 +36,4 @@
 	<div class="body-content">
 		{{ table(table(body(), 'email-body'), 'email-container') }}
 	</div>
-</div>
\ No newline at end of file
+</div>
diff --git a/frappe/www/login.py b/frappe/www/login.py
index 6202eccaa9d..16802eb9a4d 100644
--- a/frappe/www/login.py
+++ b/frappe/www/login.py
@@ -166,7 +166,6 @@ def login_via_key(key: str):
 
 	if email:
 		frappe.cache().delete_value(cache_key)
-
 		frappe.local.login_manager.login_as(email)
 
 		redirect_post_login(