fix: site enable check (#645)

2023-07-26 11:11:09 +08:00
parent 1d6829f400
commit f9412f5fdb
1 changed files with 2 additions and 0 deletions
--- a/api/controllers/web/wraps.py
+++ b/api/controllers/web/wraps.py
@@ -38,6 +38,8 @@ def decode_jwt_token():
    app_model = db.session.query(App).filter(App.id == decoded['app_id']).first()
    if not app_model:
        raise NotFound()
+    if app_model.enable_site is False:
+        raise Unauthorized('Site is disabled.')
    end_user = db.session.query(EndUser).filter(EndUser.id == decoded['end_user_id']).first()
    if not end_user:
        raise NotFound()