I'm trying to disable specific user accounts from logging in. I can't remove the account because the user should be able to access all his old records when he is enabled again.
I've made a fork of parse-server and edited the UsersRouter to achieve what I want. See the changes on my github fork. How would the Parse community feel about such an addition? Since I couldn't find any existing workaround, I'm wondering if the community needs something like this.
Now I'm wondering if there is a better way to achieve this? Another option I thought of would be to create a cloud function that would handle the login and return a session token, combined with a become call on the client side. But that has other negative side effects as well.
So the question comes down to: what is the best way to disable a user in Parse without deleting the user?
I have opened an issue with a proposal on the parse-server repository on GitHub as well.
A beforeLogin() trigger has been added starting from v3.3.0:
https://docs.parseplatform.org/cloudcode/guide/#beforelogin
Parse.Cloud.beforeLogin(async request => {
const { object: user } = request;
if(user.get('isBanned')) {
throw new Error('Access denied, you have been banned.')
}
});