Show a useful message when a banned user tries to log in

app/controllers/session_controller.rb

@@ -28,6 +28,12 @@ class SessionController < ApplicationController
 
       # If their password is correct
       if @user.confirm_password?(params[:password])
+
+        if @user.is_banned?
+          render json: { error: I18n.t("login.banned", {date: I18n.l(@user.banned_till, format: :short_no_year)}) }
+          return
+        end
+
         if @user.email_confirmed?
           log_on_user(@user)
           render_serialized(@user, UserSerializer)

config/locales/server.en.yml

@@ -12,6 +12,7 @@ en:
   time:
     formats:
       short: "%m-%d-%Y"
+      short_no_year: "%B %-d"
 
   title: "Discourse"
   topics: "Topics"
@@ -685,6 +686,7 @@ en:
     active: "Your account is active and ready."
     activate_email: "You're almost done! We sent an activation email to <b>%{email}</b>. Please follow the instructions in the email to activate your account."
     not_activated: "You can't log in yet. We sent an activation email to you. Please follow the instructions in the email to activate your account."
+    banned: "You can't log in until %{date}."
     errors: "%{errors}"
     not_available: "Not available. Try %{suggestion}?"
     something_already_taken: "Something went wrong, perhaps the username or email is already registered. Try the forgot password link."

spec/controllers/session_controller_spec.rb

@@ -23,6 +23,15 @@ describe SessionController do
         end
       end
 
+      describe 'banned user' do
+        it 'should return an error' do
+          User.any_instance.stubs(:is_banned?).returns(true)
+          User.any_instance.stubs(:banned_till).returns(2.days.from_now)
+          xhr :post, :create, login: user.username, password: 'myawesomepassword'
+          ::JSON.parse(response.body)['error'].should be_present
+        end
+      end
+
       describe 'success by username' do
         before do
           xhr :post, :create, login: user.username, password: 'myawesomepassword'