From a1de4fa4286f321e1dd93f5aaa3ff6a63161130b Mon Sep 17 00:00:00 2001
From: Yansong Zhang <916125788@qq.com>
Date: Thu, 24 Jul 2025 15:26:41 +0800
Subject: [PATCH] check is email is freeze user email

---
 api/controllers/console/workspace/account.py | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/api/controllers/console/workspace/account.py b/api/controllers/console/workspace/account.py
index 961ca202c4..fb16850540 100644
--- a/api/controllers/console/workspace/account.py
+++ b/api/controllers/console/workspace/account.py
@@ -9,12 +9,12 @@ from configs import dify_config
 from constants.languages import supported_language
 from controllers.console import api
 from controllers.console.auth.error import (
+    AccountInFreezeError,
     EmailAlreadyInUseError,
     EmailChangeLimitError,
     EmailCodeError,
     InvalidEmailError,
     InvalidTokenError,
-    AccountInFreezeError
 )
 from controllers.console.error import AccountNotFound, EmailSendIpLimitError
 from controllers.console.workspace.error import (
@@ -480,17 +480,19 @@ class ChangeEmailResetApi(Resource):
         parser.add_argument("token", type=str, required=True, nullable=False, location="json")
         args = parser.parse_args()
 
+        if AccountService.is_account_in_freeze(args["new_email"]):
+            raise AccountInFreezeError()
+
+        if not AccountService.check_email_unique(args["new_email"]):
+            raise EmailAlreadyInUseError()
+            
         reset_data = AccountService.get_change_email_data(args["token"])
         if not reset_data:
             raise InvalidTokenError()
 
         AccountService.revoke_change_email_token(args["token"])
 
-        if not AccountService.check_email_unique(args["new_email"]):
-            raise EmailAlreadyInUseError()
 
-        if AccountService.is_account_in_freeze(args["new_email"]):
-            raise AccountInFreezeError()
 
         old_email = reset_data.get("old_email", "")
         if current_user.email != old_email: