feat(auth): 🛂 Disable new user signups

apps/builder/pages/api/auth/adapter.ts

@@ -29,6 +29,11 @@ export function CustomAdapter(p: PrismaClient): Adapter {
       const workspaceInvitations = await p.workspaceInvitation.findMany({
         where: { email: user.email },
       })
+      if (
+        process.env.DISABLE_SIGNUP === 'true' &&
+        process.env.ADMIN_EMAIL !== data.email
+      )
+        throw Error('New users are forbidden')
       const createdUser = await p.user.create({
         data: {
           ...data,

apps/docs/docs/self-hosting/configuration.mdx

@@ -31,6 +31,7 @@ Both apps have their own environment config files. Here is an exhaustive list of
 | NEXTAUTH_URL           | http://localhost:3000                         | The builder base URL. Should be the publicly accessible URL (i.e. `https://typebot.domain.com`)                                                                                                                                             |
 | NEXT_PUBLIC_VIEWER_URL | http://localhost:3001                         | The viewer base URL. Should be the publicly accessible URL (i.e. `https://bot.domain.com`)                                                                                                                                                  |
 | NEXTAUTH_URL_INTERNAL  | --                                            | The internal builder base URL. You have to set it only when `NEXTAUTH_URL` isn't publicly accessible                                                                                                                                        |
+| DISABLE_SIGNUP         | false                                         | To disable new sign ups but still be able to sign in with existing users or admin email                                                                                                                                                     |
 
 <details><summary><h3>Email (Auth, notifications)</h3></summary>
 <p>