fix: disabled user login from login via link feature (#26134) (#26140)

* fix(ui): button color for login via link template

- blue > black

* fix: restrict login via link for disabled users

* fix: validate user on session.resume

(cherry picked from commit a73e655)

# Conflicts:
#	frappe/www/login.py

Co-authored-by: Rutwik Hiwalkar <rutwikhdev@gmail.com>

frappe/sessions.py

@@ -223,8 +223,16 @@ def __init__(self, user, resume=False, full_name=None, user_type=None):
 
 		else:
 			if self.user:
+				self.validate_user()
 				self.start()
 
+	def validate_user(self):
+		if not frappe.get_cached_value("User", self.user, "enabled"):
+			frappe.throw(
+				_("User {0} is disabled. Please contact your System Manager.").format(self.user),
+				frappe.ValidationError,
+			)
+
 	def start(self):
 		"""start a new session"""
 		# generate sid
@@ -295,6 +303,7 @@ def resume(self):
 		if data:
 			self.data.update({"data": data, "user": data.user, "sid": self.sid})
 			self.user = data.user
+			self.validate_user()
 			validate_ip_address(self.user)
 			self.device = data.device
 		else:

frappe/templates/emails/login_with_email_link.html

@@ -23,11 +23,9 @@
 		</tr>
 		<tr>
 			<td align="center">
-				<div class="btn btn-primary" style="margin-top: 30px;">
-					<a href="{{ link or '#'}}" style="color: #fff; text-decoration: none;">
-						{{ _('Log In To {0}').format(app_name) }}
-					</a>
-				</div>
+				<a href="{{ link or '#'}}" class="btn btn-primary" style="background-color: #171717; text-decoration: none; margin-top: 30px;">
+					{{ _('Log In To {0}').format(app_name) }}
+				</a>
 			</td>
 		</tr>
 	</tbody>
@@ -38,4 +36,4 @@
 	<div class="body-content">
 		{{ table(table(body(), 'email-body'), 'email-container') }}
 	</div>
-</div>
+</div>

frappe/www/login.py

@@ -166,7 +166,6 @@ def login_via_key(key: str):
 
 	if email:
 		frappe.cache().delete_value(cache_key)
-
 		frappe.local.login_manager.login_as(email)
 
 		redirect_post_login(