First of all don't have a separate table have this in the uses table then you answered your own question a simple if statement should to do the trick.

Am newbie, and laravel brings the login system ready, then I do not know where I can make the scan.

You have to overwrite your postLogin method in App\Http\Controllers\AuthController

Laravel Default postLogin:

[...]
$credentials = $this->getCredentials($request);

        if (Auth::attempt($credentials, $request->has('remember'))) {
            return $this->handleUserWasAuthenticated($request, $throttles);
        }
[...]

Auth::attemp try to login the user with credentials, you have to expand the process in Auth::validate($credentials) and after that you have to check if the user is not locked. If the user is validated and not locked, you can login in the user with Auth::login($user, $request->has('remember'));

// Your postLogin $user->canLogin() method in your user-model, you can check if the locked table contains the user

[...]
/** @var User $user */
        $user = User::where($this->loginUsername(),"=",$credentials[$this->loginUsername()])->get()->first();

        if(Auth::validate($credentials)) {
            if ($user->canLogin()) {
                Auth::login($user, $request->has('remember'));
                return $this->handleUserWasAuthenticated($request, $throttles);
            }
            else
            {
                if ($throttles) {
                    $this->incrementLoginAttempts($request);
                }
                return redirect($this->loginPath())
                    ->withInput($request->only($this->loginUsername(), 'remember'))
                    ->withErrors([
                        $this->loginUsername() => Lang::has('auth.not_active')
                            ? Lang::get('auth.not_active')
                            : 'User is not active.',
                    ]);
            }
        }
[...]

You also have to update your Authenticate Middleware in App\Http\Middleware

  public function handle($request, Closure $next)
    {
        if ($this->auth->guest()) {
            if ($request->ajax()) {
                return response('Unauthorized.', 401);
            } else {
                return redirect()->guest(route('login'));
            }
        }

  if($this->auth->user()->yourCanLoginMethod())
            return $next($request);
        $this->auth->logout();

        return redirect()->guest(route('login'));
  }

HI, I'm also a big time newbie and I have the exact same problem. Using L5.1 my AuthController doesn't look at all like the answer from @biwerr, actually it's in a different path...
In App\Http\Controllers\Auth\AuthController I only have three methods: __construct(), validator() and create() and I still don't know where to check if user is locked (or active, in my case). Would you expand a little bit for us still learning L5.1?

@johanWP you have more than 3 mehtods in your auth controller. Laravel implements AuthenticatesAndRegistersUsers trait, this trait includes the above overwritten method

A second way (maybe) is to create a middleware, and place it after your auth middleware in http/kernel.php

I had to use middleware because my field was an enum type.. and you cant override that method...