I have used
silhouette.SecuredAction in my project to allow only users who have an access token to reach the API. The next step is to further restrict access to users who have activated their account (via a payment, for example).
Suppose we have a user model like this:
Every time a user calls our API, we would like to check whether the "activated" field is true, if not, we return a 401 error.
How do I go about doing this?