Join 34,000+ subscribers and receive articles from our blog about software quality, testing, QA and security.
 

Meaningful error message for inactive users


#1

We’re using a custom authentication script with Active Directory, and we also have the need to deactivate some of our users who haven’t logged on for some time (some may have left the company).

Currently, when a deactivated user tries to login, they see an error message saying their credentials are invalid (or words to that effect). I would like to know if it is possible to display a meaningful message, like contact and administrator to request reactivation. The ability to display custom text, such as a link to our internal Slack channel would be great.

Does this kind of functionality exist when using a custom authentication script?


#2

Looking at app/drivers/auth/custom.php. It looks like the following should do the trick:

if ($user)
{
	if (logger::is_on(GI_LOG_LEVEL_DEBUG))
	{
		logger::debugf('User "{0}" found in database', 
			$user->email);
		logger::debugf('- id: {0}', $user->id);
		logger::debugf('- name: {0}', $user->name);
		logger::debugf('- active: {0}', $user->is_active);
	}

	if ($user && !$user->is_active) {
		ex::raiset('AuthException',
			'Your account has been deactivated. Please contact a TestRail administrator');
		return null;
	} elseif ($user && $user->is_active) {
		return $user;
	} else {
		return null;
	}
	
	// return $user->is_active ? $user : null;
}