fix: add logic for blocking login when email is in freeze

api/controllers/console/auth/forgot_password.py

@@ -1,14 +1,13 @@
 import base64
 import secrets
 
-from api.services.errors.account import AccountRegisterError
 from flask import request
 from flask_restful import Resource, reqparse
 
 from constants.languages import languages
 from controllers.console import api
 from controllers.console.auth.error import EmailCodeError, InvalidEmailError, InvalidTokenError, PasswordMismatchError
-from controllers.console.error import AccountNotFound, AccountOnRegisterError, EmailSendIpLimitError
+from controllers.console.error import AccountNotFound, EmailSendIpLimitError
 from controllers.console.wraps import setup_required
 from events.tenant_event import tenant_was_created
 from extensions.ext_database import db
@@ -125,8 +124,6 @@ def post(self):
                 )
             except WorkSpaceNotAllowedCreateError:
                 pass
-            except AccountRegisterError as e:
-                return AccountOnRegisterError(message=str(e))
 
         return {"result": "success"}
 

api/controllers/console/auth/login.py

@@ -1,7 +1,6 @@
 from typing import cast
 
 import flask_login
-from api.services.errors.account import AccountRegisterError
 from flask import request
 from flask_restful import Resource, reqparse
 
@@ -18,7 +17,6 @@
 from controllers.console.error import (
     AccountBannedError,
     AccountNotFound,
-    AccountOnRegisterError,
     EmailSendIpLimitError,
     NotAllowedCreateWorkspace,
 )
@@ -198,8 +196,6 @@ def post(self):
                 )
             except WorkSpaceNotAllowedCreateError:
                 return NotAllowedCreateWorkspace()
-            except AccountRegisterError as e:
-                return AccountOnRegisterError(message=str(e))
         token_pair = AccountService.login(account, ip_address=extract_remote_ip(request))
         AccountService.reset_login_error_rate_limit(args["email"])
         return {"result": "success", "data": token_pair.model_dump()}

api/controllers/console/auth/oauth.py

@@ -3,6 +3,7 @@
 from typing import Optional
 
 import requests
+from api.controllers.console.error import AccountOnRegisterError
 from flask import current_app, redirect, request
 from flask_restful import Resource
 from werkzeug.exceptions import Unauthorized
@@ -16,7 +17,7 @@
 from models import Account
 from models.account import AccountStatus
 from services.account_service import AccountService, RegisterService, TenantService
-from services.errors.account import AccountNotFoundError, AccountRegisterError
+from services.errors.account import AccountNotFoundError
 from services.errors.workspace import WorkSpaceNotAllowedCreateError, WorkSpaceNotFoundError
 from services.feature_service import FeatureService
 
@@ -98,8 +99,8 @@ def get(self, provider: str):
                 f"{dify_config.CONSOLE_WEB_URL}/signin"
                 "?message=Workspace not found, please contact system admin to invite you to join in a workspace."
             )
-        except AccountRegisterError as e:
-            return redirect(f"{dify_config.CONSOLE_WEB_URL}/signin?message={e.message}")
+        except AccountOnRegisterError as e:
+            return redirect(f"{dify_config.CONSOLE_WEB_URL}/signin?message={e.description}")
 
         # Check account status
         if account.status == AccountStatus.BANNED.value:

api/controllers/console/error.py

@@ -97,7 +97,4 @@ class UnauthorizedAndForceLogout(BaseHTTPException):
 class AccountOnRegisterError(BaseHTTPException):
     error_code = "account_register_error"
     code = 400
-
-    def __init__(self, message: str = ""):
-        description = f"Account register error: {message}."
-        super().__init__(description=description)
+    description = "Account register error."

api/controllers/console/workspace/account.py

@@ -277,7 +277,7 @@ def post(self):
         return {"result": "success"}
 
 
-class AccountDeleleUpdateFeedbackApi(Resource):
+class AccountDeleteUpdateFeedbackApi(Resource):
     @setup_required
     def post(self):
         account = current_user
@@ -304,6 +304,6 @@ def post(self):
 api.add_resource(AccountIntegrateApi, "/account/integrates")
 api.add_resource(AccountDeleteVerifyApi, "/account/delete/verify")
 api.add_resource(AccountDeleteApi, "/account/delete")
-api.add_resource(AccountDeleleUpdateFeedbackApi, "/account/delete/feedback")
+api.add_resource(AccountDeleteUpdateFeedbackApi, "/account/delete/feedback")
 # api.add_resource(AccountEmailApi, '/account/email')
 # api.add_resource(AccountEmailVerifyApi, '/account/email-verify')

api/services/account_service.py

@@ -8,6 +8,7 @@
 from hashlib import sha256
 from typing import Any, Optional
 
+from api.controllers.console.error import AccountOnRegisterError
 from pydantic import BaseModel
 from sqlalchemy import func
 from werkzeug.exceptions import Unauthorized
@@ -209,8 +210,8 @@ def create_account(
             raise AccountNotFound()
 
         if dify_config.BILLING_ENABLED and BillingService.is_email_in_freeze(email):
-            raise AccountRegisterError(
-                "Unable to re-register the account because the deletion occurred less than 30 days ago"
+            raise AccountOnRegisterError(
+                description="Unable to re-register the account because the deletion occurred less than 30 days ago"
             )
 
         account = Account()
@@ -464,6 +465,11 @@ def get_user_through_email(cls, email: str):
         if account.status == AccountStatus.BANNED.value:
             raise Unauthorized("Account is banned.")
 
+        if dify_config.BILLING_ENABLED and BillingService.is_email_in_freeze(email):
+            raise AccountOnRegisterError(
+                description="Unable to re-register the account because the deletion occurred less than 30 days ago"
+            )
+
         return account
 
     @staticmethod