# HG changeset patch # User Kim Alvefur # Date 1677166137 -3600 # Node ID d2333b468d07504c874d713a3a4378f0b936dbfe # Parent e282c92ded0efd8bbfc3922c8c940fea32bdea6d mod_c2s: Disconnect accounts when they are disabled We decided that at the first stage, accounts that are disabled should simply be prevented from authenticating, thus they should also be prevented from having connected sessions. Since this is aimed to be a moderation action for cases of abuse, they shouldn't be allowed to continue being connected. diff -r e282c92ded0e -r d2333b468d07 plugins/mod_c2s.lua --- a/plugins/mod_c2s.lua Thu Feb 23 16:25:31 2023 +0100 +++ b/plugins/mod_c2s.lua Thu Feb 23 16:28:57 2023 +0100 @@ -266,6 +266,7 @@ module:hook_global("user-password-changed", disconnect_user_sessions({ condition = "reset", text = "Password changed" }, true), 200); module:hook_global("user-role-changed", disconnect_user_sessions({ condition = "reset", text = "Role changed" }), 200); module:hook_global("user-deleted", disconnect_user_sessions({ condition = "not-authorized", text = "Account deleted" }), 200); +module:hook_global("user-disabled", disconnect_user_sessions({ condition = "not-authorized", text = "Account disabled" }), 200); module:hook_global("c2s-session-updated", function (event) sessions[event.session.conn] = event.session;