🔒✉️ feat: allow only certain domain (#1562)

* feat: allow only certain domain

* Update dotenv.md

* refactor( registrationController) & handle ALLOWED_REGISTRATION_DOMAINS not specified

* cleanup and moved to AuthService for better  error handling

* refactor: replace environment variable with librechat config item, add typedef for custom config, update docs for new registration object and allowedDomains values

* ci(AuthService): test for `isDomainAllowed`

---------

Co-authored-by: Danny Avila <messagedaniel@protonmail.com>

api/server/services/AuthService.spec.js

@@ -0,0 +1,39 @@
+const getCustomConfig = require('~/cache/getCustomConfig');
+const { isDomainAllowed } = require('./AuthService');
+
+jest.mock('~/cache/getCustomConfig', () => jest.fn());
+
+describe('isDomainAllowed', () => {
+  it('should allow domain when customConfig is not available', async () => {
+    getCustomConfig.mockResolvedValue(null);
+    await expect(isDomainAllowed('test@domain1.com')).resolves.toBe(true);
+  });
+
+  it('should allow domain when allowedDomains is not defined in customConfig', async () => {
+    getCustomConfig.mockResolvedValue({});
+    await expect(isDomainAllowed('test@domain1.com')).resolves.toBe(true);
+  });
+
+  it('should reject an email if it is falsy', async () => {
+    getCustomConfig.mockResolvedValue({});
+    await expect(isDomainAllowed('')).resolves.toBe(false);
+  });
+
+  it('should allow a domain if it is included in the allowedDomains', async () => {
+    getCustomConfig.mockResolvedValue({
+      registration: {
+        allowedDomains: ['domain1.com', 'domain2.com'],
+      },
+    });
+    await expect(isDomainAllowed('user@domain1.com')).resolves.toBe(true);
+  });
+
+  it('should reject a domain if it is not included in the allowedDomains', async () => {
+    getCustomConfig.mockResolvedValue({
+      registration: {
+        allowedDomains: ['domain1.com', 'domain2.com'],
+      },
+    });
+    await expect(isDomainAllowed('user@domain3.com')).resolves.toBe(false);
+  });
+});