From f9412f5fdbaa8b13ed8f4a800dd1efb425383839 Mon Sep 17 00:00:00 2001
From: crazywoola <100913391+crazywoola@users.noreply.github.com>
Date: Wed, 26 Jul 2023 11:11:09 +0800
Subject: [PATCH] fix: site enable check (#645)

---
 api/controllers/web/wraps.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/api/controllers/web/wraps.py b/api/controllers/web/wraps.py
index 4d48a190f2..314a4099ee 100644
--- a/api/controllers/web/wraps.py
+++ b/api/controllers/web/wraps.py
@@ -38,6 +38,8 @@ def decode_jwt_token():
     app_model = db.session.query(App).filter(App.id == decoded['app_id']).first()
     if not app_model:
         raise NotFound()
+    if app_model.enable_site is False:
+        raise Unauthorized('Site is disabled.')
     end_user = db.session.query(EndUser).filter(EndUser.id == decoded['end_user_id']).first()
     if not end_user:
         raise NotFound()