From c6ad14d641b8340520f2b9919d74f109ec9e4268 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20B=C3=B6hmer?= <mail@jan-boehmer.de>
Date: Tue, 15 Nov 2022 00:25:56 +0100
Subject: [PATCH] Show a more helpfull error message on login when a user is
 disabled.

Before a generic invalid credentials message was shown, now a hint about the disabled status is shown.
---
 src/Security/UserChecker.php | 10 ++++++++--
 translations/security.en.xlf | 11 +++++++++++
 2 files changed, 19 insertions(+), 2 deletions(-)
 create mode 100644 translations/security.en.xlf

diff --git a/src/Security/UserChecker.php b/src/Security/UserChecker.php
index bc51936b..a9b76a31 100644
--- a/src/Security/UserChecker.php
+++ b/src/Security/UserChecker.php
@@ -44,14 +44,19 @@ namespace App\Security;
 
 use App\Entity\UserSystem\User;
 use Symfony\Component\Security\Core\Exception\AccountStatusException;
+use Symfony\Component\Security\Core\Exception\CustomUserMessageAccountStatusException;
 use Symfony\Component\Security\Core\Exception\DisabledException;
 use Symfony\Component\Security\Core\User\UserCheckerInterface;
 use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Contracts\Translation\TranslatorInterface;
 
 final class UserChecker implements UserCheckerInterface
 {
-    public function __construct()
+    private TranslatorInterface $translator;
+
+    public function __construct(TranslatorInterface $translator)
     {
+        $this->translator = $translator;
     }
 
     /**
@@ -77,7 +82,8 @@ final class UserChecker implements UserCheckerInterface
 
         //Check if user is disabled. Then dont allow login
         if ($user->isDisabled()) {
-            throw new DisabledException();
+            //throw new DisabledException();
+            throw new CustomUserMessageAccountStatusException($this->translator->trans('user.login_error.user_disabled'));
         }
     }
 }
diff --git a/translations/security.en.xlf b/translations/security.en.xlf
new file mode 100644
index 00000000..8c76136f
--- /dev/null
+++ b/translations/security.en.xlf
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xliff xmlns="urn:oasis:names:tc:xliff:document:2.0" version="2.0" srcLang="en" trgLang="en">
+  <file id="security.en">
+    <unit id="aazoCks" name="user.login_error.user_disabled">
+      <segment>
+        <source>user.login_error.user_disabled</source>
+        <target>Your account is disabled! Contact an administrator if you think this is wrong.</target>
+      </segment>
+    </unit>
+  </file>
+</xliff>