From 3b1fa792cf2435b893c908534450af31aea0ce1d Mon Sep 17 00:00:00 2001
From: Peter Deltchev <peter@deltchev.com>
Date: Tue, 29 Dec 2015 13:32:14 -0800
Subject: [PATCH] #29: This works because the only disabled accounts right now
 are merged ones.

---
 app/Http/Middleware/DisabledAccountCheck.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/app/Http/Middleware/DisabledAccountCheck.php b/app/Http/Middleware/DisabledAccountCheck.php
index ff4cf00a..2fee8707 100644
--- a/app/Http/Middleware/DisabledAccountCheck.php
+++ b/app/Http/Middleware/DisabledAccountCheck.php
@@ -53,11 +53,15 @@ class DisabledAccountCheck
      */
     public function handle($request, Closure $next)
     {
+        // TODO:    don't automatically log the user out some time after
+        //          issue #29 is fixed or when disabled_at starts being used for
+        //          something other than merged accounts.
         if ($this->auth->check()
             && $this->auth->user()->disabled_at !== null
             && !($request->getMethod() === 'POST' && $request->getRequestUri() == '/auth/logout')
         ){
-            return Response::view('home.account-disabled', ['username' => $this->auth->user()->username], 403);
+            $this->auth->logout();
+//            return Response::view('home.account-disabled', ['username' => $this->auth->user()->username], 403);
         }
 
         return $next($request);