Emit warning log if inactive user trys to authenticate

Author: codingjoe

mailauth/backends.py

@@ -32,6 +32,11 @@ def authenticate(self, request, token=None):
         else:
             if self.user_can_authenticate(user):
                 return user
+            logger.warning(
+                "User '%s' is not allowed to authenticate.",
+                user,
+                exc_info=True,
+            )
 
     @classmethod
     def get_token(cls, user):

tests/test_backends.py

@@ -12,6 +12,23 @@ def test_authenticate(self, db, user, settings, signer, signature):
         assert user is not None
         assert user.is_authenticated
 
+    def test_authenticate__user_is_not_active(
+        self, db, caplog, user, settings, signer, signature
+    ):
+        settings.LOGIN_URL_TIMEOUT = float("inf")
+        backend = MailAuthBackend()
+        backend.signer = signer
+        user.is_active = False
+        user.save(update_fields=['is_active'], force_update=True)
+        with caplog.at_level(logging.WARNING):
+            user = backend.authenticate(None, token=signature)
+
+        assert user is None
+        assert caplog.records[-1].levelname == "WARNING"
+        assert caplog.records[-1].message == (
+            "User 'spiderman@avengers.com' is not allowed to authenticate."
+        )
+
     def test_authenticate__user_does_not_exist(
         self, db, caplog, settings, signer, signature
     ):