opensource
/
dify
mirror of https://github.com/langgenius/dify.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: avoid sending email to unauth users

This commit is contained in:
Yeuoly 2024-12-13 20:21:02 +08:00
parent 2e2d1659ca
commit 92e02c1d0c
No known key found for this signature in database
GPG Key ID: A66E7E320FB19F61
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
api/services/account_service.py
View File

@ -390,7 +390,14 @@ class AccountService:
def send_email_code_login_email(
cls, account: Optional[Account] = None, email: Optional[str] = None, language: Optional[str] = "en-US"
):
if cls.email_code_login_rate_limiter.is_rate_limited(email):
if email:
if not AccountService.verify_account_whitelist(email):
raise ValueError("Account is not whitelisted")
elif account:
if not AccountService.verify_account_whitelist(account.email):
raise ValueError("Account is not whitelisted")
if cls.email_code_login_rate_limiter.is_rate_limited(account_email):
from controllers.console.auth.error import EmailCodeLoginRateLimitExceededError
raise EmailCodeLoginRateLimitExceededError()