From 5eb877b7c28c9c193cb5cbbe2daf98b53d83c83b Mon Sep 17 00:00:00 2001
From: jackiettran <41605212+jackiettran@users.noreply.github.com>
Date: Wed, 7 Jan 2026 00:46:16 -0500
Subject: [PATCH] addtional checks for if user is banned

---
 backend/routes/auth.js | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/backend/routes/auth.js b/backend/routes/auth.js
index 975e2c7..576f4c7 100644
--- a/backend/routes/auth.js
+++ b/backend/routes/auth.js
@@ -414,6 +414,14 @@ router.post(
 }
 }
 
+ // Check if user is banned
+ if (user.isBanned) {
+ return res.status(403).json({
+ error: "Your account has been suspended. Please contact support for more information.",
+ code: "USER_BANNED",
+ });
+ }
+
 // Generate JWT tokens
 const token = jwt.sign(
 { id: user.id, jwtVersion: user.jwtVersion },
@@ -722,6 +730,14 @@ router.post("/refresh", async (req, res) => {
 });
 }
 
+ // Check if user is banned (defense-in-depth, jwtVersion should already catch this)
+ if (user.isBanned) {
+ return res.status(403).json({
+ error: "Your account has been suspended. Please contact support for more information.",
+ code: "USER_BANNED",
+ });
+ }
+
 // Generate new access token
 const newAccessToken = jwt.sign(
 { id: user.id, jwtVersion: user.jwtVersion },
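Review bot: The 403 payload added here is duplicated byte-for-byte in the `/refresh` hunk below; a shared helper such as `const rejectBanned = (res) => res.status(403).json({ error: "Your account has been suspended. Please contact support for more information.", code: "USER_BANNED" });` would keep the message and the `USER_BANNED` code in sync when either changes. The guard only fires when `user.isBanned` is truthy, so if the lookup that populates `user` (outside the hunk) projects specific columns and leaves `isBanned` out, the value is `undefined` and the ban is silently ignored — worth confirming the field is loaded, or stating it in the comment: `// Check if user is banned (requires isBanned to be loaded on user)`. Recording the rejected attempt (user id, route) through the existing logging would also make repeated logins against a banned account visible in audit logs. The enclosing `router.post(` handler starts and ends outside the hunk.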
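Review bot: The comment `jwtVersion should already catch this` holds only if the ban operation bumps `jwtVersion`, which this diff does not show, so a reader of the refresh path cannot verify the claim; the comment should point at where that happens, e.g. `// Defense-in-depth: banning bumps jwtVersion in <ban handler path> so a stale refresh token is rejected above; this guard also covers a ban that did not bump it.` Neither hunk revokes access tokens issued before the ban: unless the request authentication middleware re-checks `isBanned` or `jwtVersion` against the database on each request, a banned user keeps access until the current access token expires, which is worth confirming in that middleware. The enclosing `/refresh` handler starts and ends outside the hunk.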