feat: improve email validation

1 files changed, 14 insertions, 0 deletions

diff --git a/src/server/api/endpoints/i/update-email.ts b/src/server/api/endpoints/i/update-email.ts
index 14aedad88b..9b6fb9c410 100644
--- a/src/server/api/endpoints/i/update-email.ts
+++ b/src/server/api/endpoints/i/update-email.ts
@@ -8,6 +8,7 @@ import * as bcrypt from 'bcryptjs';
 import { Users, UserProfiles } from '@/models/index';
 import { sendEmail } from '@/services/send-email';
 import { ApiError } from '../../error';
+import { validateEmailForAccount } from '@/services/validate-email-for-account';
 
 export const meta = {
 	requireCredential: true as const,
@@ -35,6 +36,12 @@ export const meta = {
 			code: 'INCORRECT_PASSWORD',
 			id: 'e54c1d7e-e7d6-4103-86b6-0a95069b4ad3'
 		},
+
+		unavailable: {
+			message: 'Unavailable email address.',
+			code: 'UNAVAILABLE',
+			id: 'a2defefb-f220-8849-0af6-17f816099323'
+		},
 	}
 };
 
@@ -48,6 +55,13 @@ export default define(meta, async (ps, user) => {
 		throw new ApiError(meta.errors.incorrectPassword);
 	}
 
+	if (ps.email != null) {
+		const available = await validateEmailForAccount(ps.email);
+		if (!available) {
+			throw new ApiError(meta.errors.unavailable);
+		}
+	}
+
 	await UserProfiles.update(user.id, {
 		email: ps.email,
 		emailVerified: false,