From c8540ddba7312a648c56d753ace1a8dc8f6a4136 Mon Sep 17 00:00:00 2001
From: Stefan Auditor <stefan.auditor@erdfisch.de>
Date: Sun, 15 Apr 2018 14:02:15 +0200
Subject: [PATCH] Respect user enabled flag in basic authentication

---
 core/admin/mailu/internal/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/admin/mailu/internal/views.py b/core/admin/mailu/internal/views.py
index 955b5390..2b441ce7 100644
--- a/core/admin/mailu/internal/views.py
+++ b/core/admin/mailu/internal/views.py
@@ -41,7 +41,7 @@ def basic_authentication():
         encoded = authorization.replace("Basic ", "")
         user_email, password = base64.b64decode(encoded).split(b":")
         user = models.User.query.get(user_email.decode("utf8"))
-        if user and user.check_password(password.decode("utf8")):
+        if user and user.enabled and user.check_password(password.decode("utf8")):
             response = flask.Response()
             response.headers["X-User"] = user.email
             return response