feat: admin ui for disabling users (#1547)

packages/api/v1/middleware/authenticated.ts

@@ -1,5 +1,6 @@
 import type { NextApiRequest } from 'next';
 
+import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
 import { getApiTokenByToken } from '@documenso/lib/server-only/public-api/get-api-token-by-token';
 import type { Team, User } from '@documenso/prisma/client';
 
@@ -22,18 +23,33 @@ export const authenticatedMiddleware = <
       const [token] = (authorization || '').split('Bearer ').filter((s) => s.length > 0);
 
       if (!token) {
-        throw new Error('Token was not provided for authenticated middleware');
+        throw new AppError(AppErrorCode.UNAUTHORIZED, {
+          message: 'API token was not provided',
+        });
       }
 
       const apiToken = await getApiTokenByToken({ token });
 
+      if (apiToken.user.disabled) {
+        throw new AppError(AppErrorCode.UNAUTHORIZED, {
+          message: 'User is disabled',
+        });
+      }
+
       return await handler(args, apiToken.user, apiToken.team);
-    } catch (_err) {
-      console.log({ _err });
+    } catch (err) {
+      console.log({ err: err });
+
+      let message = 'Unauthorized';
+
+      if (err instanceof AppError) {
+        message = err.message;
+      }
+
       return {
         status: 401,
         body: {
-          message: 'Unauthorized',
+          message,
         },
       } as const;
     }