Paste the following method to your LoginController.
protected function validateLogin(Request $request){ $this->validate($request, [ $this->username() => 'exists:users,' . $this->username() . ',active,1','password' => 'required|string', ]);}The last two comma-separated parameters (active,1) act as a WHERE clause (WHERE active = '1') and can be alternatively written this way:
protected function validateLogin(Request $request){ $this->validate($request, [ $this->username() => Rule::exists('users')->where(function ($query) { $query->where('active', 1); }),'password' => 'required|string' ]);}Normally, the validation method only checks if email and password fields are filled out. With the modification above we require that a given email address is found in a DB row with active value set to 1.
You can also customize the message:
protected function validateLogin(Request $request){ $this->validate($request, [ $this->username() => 'exists:users,' . $this->username() . ',active,1','password' => 'required|string', ], [ $this->username() . '.exists' => 'The selected email is invalid or the account has been disabled.' ]);}Note that the above message will be shown both when a given email address doesn't exist or when the account is disabled.