[Bug] Disabled users are able to login (#264)

seatunnel-server/seatunnel-app/src/main/resources/org/apache/seatunnel/app/dal/mapper/UserMapper.xml

@@ -96,7 +96,7 @@
         select
         <include refid="Base_Column_List"/>
         from `user`
-        where username = #{username,jdbcType=VARCHAR} and password = #{password,jdbcType=VARCHAR} and auth_provider = #{authProvider,jdbcType=VARCHAR}
+        where status = 0 and username = #{username,jdbcType=VARCHAR} and password = #{password,jdbcType=VARCHAR} and auth_provider = #{authProvider,jdbcType=VARCHAR}
     </select>
     <select id="queryEnabledUsers" resultType="org.apache.seatunnel.app.dal.entity.User">
         select

seatunnel-server/seatunnel-server-common/src/main/java/org/apache/seatunnel/server/common/SeatunnelErrorEnum.java

@@ -32,8 +32,8 @@ public enum SeatunnelErrorEnum {
 
     USERNAME_PASSWORD_NO_MATCHED(
             10007,
-            "username and password no matched",
-            "The user name and password do not match, please check your input"),
+            "username and password not matched or user is disabled.",
+            "The user name and password do not match or user is disabled, please check your input"),
 
     TOKEN_ILLEGAL(10008, "token illegal", "The token is expired or invalid, please login again."),
     INVALID_AUTHENTICATION_PROVIDER(

seatunnel-web-it/src/test/java/org/apache/seatunnel/app/test/UserControllerTest.java

@@ -24,6 +24,7 @@
 import org.apache.seatunnel.app.domain.request.user.UserLoginReq;
 import org.apache.seatunnel.app.domain.response.user.AddUserRes;
 import org.apache.seatunnel.app.domain.response.user.UserSimpleInfoRes;
+import org.apache.seatunnel.server.common.SeatunnelErrorEnum;
 
 import org.junit.jupiter.api.AfterAll;
 import org.junit.jupiter.api.BeforeAll;
@@ -32,6 +33,7 @@
 import java.util.function.Supplier;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 
@@ -147,6 +149,36 @@ public void login_shouldFail_whenInvalidAuthType() {
         assertEquals("Invalid authentication provider [INVALID_AUTH_TYPE]", loginResult.getMsg());
     }
 
+    @Test
+    public void disabledUser_shouldNotBeAbleToLogin() {
+        String user = "disabledUser" + uniqueId.get();
+        String pass = "pass7";
+        AddUserReq addUserReq = getAddUserReq(user, pass);
+        Result<AddUserRes> result = userControllerWrapper.addUser(addUserReq);
+        assertTrue(result.isSuccess());
+
+        // Disable the user
+        UpdateUserReq updateUserReq = new UpdateUserReq();
+        updateUserReq.setUsername(user);
+        updateUserReq.setUserId(result.getData().getId());
+        updateUserReq.setPassword(pass);
+        updateUserReq.setStatus((byte) 1);
+        updateUserReq.setType((byte) 0);
+        Result<Void> disableUserResult =
+                userControllerWrapper.updateUser(
+                        Long.toString(result.getData().getId()), updateUserReq);
+        assertTrue(disableUserResult.isSuccess());
+
+        // Attempt to login with the disabled user
+        UserLoginReq loginReq = new UserLoginReq();
+        loginReq.setUsername(user);
+        loginReq.setPassword(pass);
+        Result<UserSimpleInfoRes> loginResult = userControllerWrapper.login(loginReq);
+        assertFalse(loginResult.isSuccess());
+        assertEquals(
+                SeatunnelErrorEnum.USERNAME_PASSWORD_NO_MATCHED.getCode(), loginResult.getCode());
+    }
+
     @AfterAll
     public static void tearDown() {
         Result<Void> logout = userControllerWrapper.logout();