--- a/plugins/mod_auth_internal_hashed.lua	Wed Feb 22 15:32:40 2023 +0100
+++ b/plugins/mod_auth_internal_hashed.lua	Thu Feb 23 14:34:10 2023 +0100
@@ -98,6 +98,7 @@
 	return {
 		created = account.created;
 		password_updated = account.updated;
+		enabled = not account.disabled;
 	};
 end
 
@@ -111,8 +112,9 @@
 end
 
 function provider.is_enabled(username) -- luacheck: ignore 212
-	-- TODO look up somewhere and allow disabling
-	return true;
+	local info, err = provider.get_account_info(username);
+	if not info then return nil, err; end
+	return info.enabled;
 end
 
 function provider.enable(username) -- luacheck: ignore 212
@@ -170,7 +172,7 @@
 			local iteration_count, salt = credentials.iteration_count, credentials.salt;
 			stored_key = stored_key and from_hex(stored_key);
 			server_key = server_key and from_hex(server_key);
-			return stored_key, server_key, iteration_count, salt, provider.is_enabled(username);
+			return stored_key, server_key, iteration_count, salt, not credentials.disabled;
 		end
 	};
 	return new_sasl(host, testpass_authentication_profile);