feat(server): add flag to disable new sign ups (#6752)

2026-02-04 00:28:33 +00:00 · 2024-04-30 15:19:30 +00:00
parent 91ee5e05bb
commit cebb841430
5 changed files with 17 additions and 1 deletions
--- a/packages/backend/server/src/config/affine.ts
+++ b/packages/backend/server/src/config/affine.ts
@@ -53,6 +53,9 @@ AFFiNE.port = 3010;
 // AFFiNE.metrics.enabled = true;
 //
 // /* Authentication Settings */
+// /* Whether allow anyone signup */
+// AFFiNE.auth.allowSignup = true;
+//
 // /* User Signup password limitation */
 // AFFiNE.auth.password = {
 //   minLength: 8,
--- a/packages/backend/server/src/core/auth/controller.ts
+++ b/packages/backend/server/src/core/auth/controller.ts
@@ -15,6 +15,7 @@ import {
 import type { Request, Response } from 'express';

 import {
+  Config,
  PaymentRequiredException,
  Throttle,
  URLHelper,
@@ -43,7 +44,8 @@ export class AuthController {
    private readonly url: URLHelper,
    private readonly auth: AuthService,
    private readonly user: UserService,
-    private readonly token: TokenService
+    private readonly token: TokenService,
+    private readonly config: Config
  ) {}

  @Public()
@@ -74,6 +76,10 @@ export class AuthController {
    } else {
      // send email magic link
      const user = await this.user.findUserByEmail(credential.email);
+      if (!user && !this.config.auth.allowSignup) {
+        throw new BadRequestException('You are not allows to sign up.');
+      }
+
      const result = await this.sendSignInEmail(
        { email: credential.email, signUp: !user },
        redirectUri
--- a/packages/backend/server/src/core/auth/resolver.ts
+++ b/packages/backend/server/src/core/auth/resolver.ts
@@ -87,6 +87,10 @@ export class AuthResolver {
    @Args('email') email: string,
    @Args('password') password: string
  ) {
+    if (!this.config.auth.allowSignup) {
+      throw new ForbiddenException('You are not allowed to sign up.');
+    }
+
    validators.assertValidCredential({ email, password });
    const user = await this.auth.signUp(name, email, password);
    await this.auth.setCookie(ctx.req, ctx.res, user);
--- a/packages/backend/server/src/fundamentals/config/def.ts
+++ b/packages/backend/server/src/fundamentals/config/def.ts
@@ -214,6 +214,8 @@ export interface AFFiNEConfig {
   * authentication config
   */
  auth: {
+    allowSignup: boolean;
+
    /**
     * The minimum and maximum length of the password when registering new users
     *
--- a/packages/backend/server/src/fundamentals/config/default.ts
+++ b/packages/backend/server/src/fundamentals/config/default.ts
@@ -147,6 +147,7 @@ export const getDefaultAFFiNEConfig: () => AFFiNEConfig = () => {
      playground: true,
    },
    auth: {
+      allowSignup: true,
      password: {
        minLength: node.prod ? 8 : 1,
        maxLength: 32,