X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/2c13981b0fa6d7b6ddfc4277c53eb9c515dd2736..c6f844603d9c5a46bb3dc34dfb0cdff1145f5715:/app/controllers/application_controller.rb

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index c43271b93..c701d8add 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -78,6 +78,12 @@ class ApplicationController < ActionController::Base
         @user = User.authenticate(:username => username, :password => passwd) # basic auth
       end
     end
+
+    # check if the user has been banned
+    unless @user.nil? or @user.active_blocks.empty?
+      # NOTE: need slightly more helpful message than this.
+      render :text => t('application.setup_user_auth.blocked'), :status => :forbidden
+    end
   end
 
   def authorize(realm='Web Password', errormessage="Couldn't authenticate you")