From 3cf0c4693daa01e52e0ff4e8b8991103498a9cca Mon Sep 17 00:00:00 2001
From: Ismael Dosil <ismaeldosil@gmail.com>
Date: Wed, 28 Jan 2026 13:40:55 -0300
Subject: [PATCH] fix(auth): block archived users from logging in

Archived users can no longer log into the system. When an archived user
attempts to sign in, they are immediately signed out and shown an error
message asking them to contact an administrator.

Closes CHALK-095
---
 src/components/Firebase/Firebase.tsx | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/components/Firebase/Firebase.tsx b/src/components/Firebase/Firebase.tsx
index 8850767d3..db6072984 100644
--- a/src/components/Firebase/Firebase.tsx
+++ b/src/components/Firebase/Firebase.tsx
@@ -311,6 +311,13 @@ class Firebase {
       .signInWithEmailAndPassword(userData.email, userData.password)
       .then(async (userCredential) => {
         if (userCredential.user) {
+          // Check if user is archived
+          const userDoc = await this.db.collection('users').doc(userCredential.user.uid).get()
+          if (userDoc.exists && userDoc.data()?.archived === true) {
+            await this.auth.signOut()
+            throw new Error('Your account has been archived. Please contact an administrator.')
+          }
+
           await this.db.collection('users').doc(userCredential.user.uid).update({
             lastLogin: firebase.firestore.FieldValue.serverTimestamp()
           })