From 641531e8b3baf702d04167e88e9e83d7da529447 Mon Sep 17 00:00:00 2001
From: Nevo David <me@nevos.io>
Date: Fri, 1 Aug 2025 18:58:42 +0700
Subject: [PATCH] feat: prevent email with plug

---
 apps/backend/src/services/auth/auth.service.ts | 5 ++++-
 apps/frontend/src/components/auth/register.tsx | 4 ++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/apps/backend/src/services/auth/auth.service.ts b/apps/backend/src/services/auth/auth.service.ts
index de53a531..31e889e6 100644
--- a/apps/backend/src/services/auth/auth.service.ts
+++ b/apps/backend/src/services/auth/auth.service.ts
@@ -36,10 +36,13 @@ export class AuthService {
     addToOrg?: boolean | { orgId: string; role: 'USER' | 'ADMIN'; id: string }
   ) {
     if (provider === Provider.LOCAL) {
+      if (process.env.DISALLOW_PLUS && body.email.includes('+')) {
+        throw new Error('Email with plus sign is not allowed');
+      }
       const user = await this._userService.getUserByEmail(body.email);
       if (body instanceof CreateOrgUserDto) {
         if (user) {
-          throw new Error('User already exists');
+          throw new Error('Email already exists');
         }
 
         if (!(await this.canRegister(provider))) {
diff --git a/apps/frontend/src/components/auth/register.tsx b/apps/frontend/src/components/auth/register.tsx
index 48e7b5ab..13d925d2 100644
--- a/apps/frontend/src/components/auth/register.tsx
+++ b/apps/frontend/src/components/auth/register.tsx
@@ -116,7 +116,7 @@ export function RegisterAfter({
         ...data,
       }),
     })
-      .then((response) => {
+      .then(async (response) => {
         setLoading(false);
         if (response.status === 200) {
           fireEvents('register');
@@ -129,7 +129,7 @@ export function RegisterAfter({
           });
         } else {
           form.setError('email', {
-            message: getHelpfulReasonForRegistrationFailure(response.status),
+            message: await response.text(),
           });
         }
       })