feat: support email domain restriction

2025-12-25 09:15:56 +08:00 · 2023-07-30 11:45:42 +08:00
parent ec88c0c240
commit 7c011066d1
5 changed files with 122 additions and 10 deletions
--- a/controller/misc.go
+++ b/controller/misc.go
@@ -3,10 +3,12 @@ package controller
 import (
 	"encoding/json"
 	"fmt"
-	"github.com/gin-gonic/gin"
 	"net/http"
 	"one-api/common"
 	"one-api/model"
+	"strings"
+
+	"github.com/gin-gonic/gin"
 )

 func GetStatus(c *gin.Context) {
@@ -78,6 +80,20 @@ func SendEmailVerification(c *gin.Context) {
 		})
 		return
 	}
+	if common.EmailDomainRestrictionEnabled {
+		allowedEmailDomains := common.RestrictedEmailDomains
+
+		// Check if email suffix is allowed
+		allowed := strings.Contains(strings.Join(allowedEmailDomains, ","), strings.Split(email, "@")[1])
+
+		if !allowed {
+			c.JSON(http.StatusOK, gin.H{
+				"success": false,
+				"message": "该邮箱地址不允许注册",
+			})
+			return
+		}
+	}
 	if model.IsEmailAlreadyTaken(email) {
 		c.JSON(http.StatusOK, gin.H{
 			"success": false,
--- a/controller/option.go
+++ b/controller/option.go
@@ -2,11 +2,12 @@ package controller

 import (
 	"encoding/json"
-	"github.com/gin-gonic/gin"
 	"net/http"
 	"one-api/common"
 	"one-api/model"
 	"strings"
+
+	"github.com/gin-gonic/gin"
 )

 func GetOptions(c *gin.Context) {
@@ -49,6 +50,14 @@ func UpdateOption(c *gin.Context) {
 			})
 			return
 		}
+	case "EmailDomainRestrictionEnabled":
+		if option.Value == "true" && len(common.RestrictedEmailDomains) == 0 {
+			c.JSON(http.StatusOK, gin.H{
+				"success": false,
+				"message": "无法启用邮箱域名限制，请先填入限制的邮箱域名！",
+			})
+			return
+		}
 	case "WeChatAuthEnabled":
 		if option.Value == "true" && common.WeChatServerAddress == "" {
 			c.JSON(http.StatusOK, gin.H{