In my Yii 2 App Advanced theme-based app, I have reviewed /frontend/controllers/SiteController controller (site/login route → actionLogin method) and /common/models/User model. And either I am blind or there is no checking, if user that is trying to login has inactive status.
$user->validatePassword() method is only checking password and the
$this->getUser() only checks for username. There is no comparison to
I know that this is probably very obvious, but it slips my mind and I am a bit puzzled. Exactly which piece of code is then responsible for displaying “Incorrect username or password” validation error, if I am trying to login with user which exists, but has status = 9?
Which piece of code should I override in order to display “Your account must be verified first” error instead?