feat: add dedicated sign-up config for oauth (#13610)

Currently, it is only possible to disable all registrations. However, it
would be helpful if you could disable normal registration but enable
OAuth registration.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **New Features**
* Added a setting to enable/disable new user signups via OAuth (default:
enabled).
* Admin Settings (Authentication) now includes a toggle for OAuth
signups.
* OAuth signup flow now respects this setting, preventing new
registrations via OAuth when disabled.
  * Self-hosted configuration schema updated to include the new option.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Signed-off-by: Hudint Finn Weigand <dev@hudint.de>
Co-authored-by: DarkSky <darksky2048@gmail.com>
Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com>

packages/backend/server/src/core/auth/config.ts

@@ -8,6 +8,7 @@ export interface AuthConfig {
     ttr: number;
   };
   allowSignup: boolean;
+  allowSignupForOauth: boolean;
   requireEmailDomainVerification: boolean;
   requireEmailVerification: boolean;
   passwordRequirements: ConfigItem<{
@@ -27,6 +28,10 @@ defineModuleConfig('auth', {
     desc: 'Whether allow new registrations.',
     default: true,
   },
+  allowSignupForOauth: {
+    desc: 'Whether allow new registrations via configured oauth.',
+    default: true,
+  },
   requireEmailDomainVerification: {
     desc: 'Whether require email domain record verification before accessing restricted resources.',
     default: false,

packages/backend/server/src/plugins/oauth/controller.ts

@@ -224,7 +224,7 @@ export class OAuthController {
       return connectedAccount.user;
     }
 
-    if (!this.config.auth.allowSignup) {
+    if (!this.config.auth.allowSignupForOauth) {
       throw new SignUpForbidden();
     }