feat: don't allow to emit otp when user isn't active (#79)

* feat: don't allow to emit otp when user isn't active

Signed-off-by: romanetar <roman_ag@hotmail.com>

* fix: user not active validation message tweak

Signed-off-by: romanetar <roman_ag@hotmail.com>

---------

Signed-off-by: romanetar <roman_ag@hotmail.com>

Author: romanetar

app/Http/Controllers/UserController.php

@@ -302,6 +302,11 @@ public function emitOTP()
                 throw new ValidationException("empty username.");
             }
 
+            $user = $this->auth_service->getUserByUsername($username);
+
+            if (!$user->isActive())
+                throw new ValidationException("User is not active.");
+
             $client = null;
 
             // check if we have a former oauth2 request