From f4972bb1ae0ab9cd060109090b9ec3d7851484b6 Mon Sep 17 00:00:00 2001
From: yukineko <27853966+hideki0403@users.noreply.github.com>
Date: Thu, 2 Nov 2023 19:08:35 +0900
Subject: [PATCH] =?UTF-8?q?enhance:=20=E6=8B=9B=E5=BE=85=E3=82=B3=E3=83=BC?=
 =?UTF-8?q?=E3=83=89=E4=BD=BF=E7=94=A8=E6=99=82,=20=E3=83=A1=E3=82=A2?=
 =?UTF-8?q?=E3=83=89=E8=AA=8D=E8=A8=BC=E6=99=82=E3=81=AB=E8=AA=8D=E8=A8=BC?=
 =?UTF-8?q?=E6=9C=9F=E9=99=90=E3=82=92=E7=A2=BA=E8=AA=8D=E3=81=99=E3=82=8B?=
 =?UTF-8?q?=E3=82=88=E3=81=86=E3=81=AB?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../src/server/api/SignupApiService.ts        | 20 ++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/packages/backend/src/server/api/SignupApiService.ts b/packages/backend/src/server/api/SignupApiService.ts
index d2c4440116..c72420689f 100644
--- a/packages/backend/src/server/api/SignupApiService.ts
+++ b/packages/backend/src/server/api/SignupApiService.ts
@@ -136,7 +136,20 @@ export class SignupApiService {
 				return;
 			}
 
-			if (ticket.usedAt) {
+			// メアド認証が有効かつ有効期限が0以外に設定されている場合
+			if (instance.emailRequiredForSignup && instance.emailVerificationExpiresIn !== 0) {
+				// メアド認証済みならエラー
+				if (ticket.usedBy) {
+					reply.code(400);
+					return;
+				}
+
+				// 認証しておらず、まだ有効期限内ならエラー
+				if (ticket.usedAt && ticket.usedAt.getTime() + (instance.emailVerificationExpiresIn * 1000 * 60) > Date.now()) {
+					reply.code(400);
+					return;
+				}
+			} else if (ticket.usedAt) {
 				reply.code(400);
 				return;
 			}
@@ -222,8 +235,13 @@ export class SignupApiService {
 		const code = body['code'];
 
 		try {
+			const instance = await this.metaService.fetch(true);
 			const pendingUser = await this.userPendingsRepository.findOneByOrFail({ code });
 
+			if (instance.emailVerificationExpiresIn !== 0 && this.idService.parse(pendingUser.id).date.getTime() + (instance.emailVerificationExpiresIn * 1000 * 60) < Date.now()) {
+				throw new FastifyReplyError(400, 'EXPIRED');
+			}
+
 			const { account, secret } = await this.signupService.signup({
 				username: pendingUser.username,
 				passwordHash: pendingUser.password,