Author: Pedro Lucas Porcellis <porcellis@eletrotupi.com>
accounts: add an email domain blocked list It's a pretty naive and simple/basic measure against spam. In the future it would make sense to add this into a curated, public repository.
app/controllers/public/account_controller.rb | 41 ++++++++++++++++++--- config/application.rb | 10 +++-
diff --git a/app/controllers/public/account_controller.rb b/app/controllers/public/account_controller.rb index 3e14136f0775a4a19aa6af07b98bac5a96e52971..d7fe511ae04e24de2bbf551ed816d75dfd3a4b7a 100644 --- a/app/controllers/public/account_controller.rb +++ b/app/controllers/public/account_controller.rb @@ -319,18 +319,24 @@ end def check_email - if User.find_by(email: params[:address], environment_id: environment.id).nil? - @status = _('This e-mail address is available') - @status_class = 'validated' - else - @status = _('This e-mail address is taken') + if email_domain_blocklist.include?(params[:address].split("@").last) + @status = _('This e-mail address domain is blocked') @status_class = 'invalid' + else + if User.find_by(email: params[:address], environment_id: environment.id).nil? + @status = _('This e-mail address is available') + @status_class = 'validated' + else + @status = _('This e-mail address is taken') + @status_class = 'invalid' + end end + respond_to do |format| format.html { render :partial => 'email_status' } format.json { render :json => { - :status => @status, - :status_class => @status_class + :status => @status, + :status_class => @status_class } } end end @@ -395,6 +401,27 @@ end def clear_signup_start_time Rails.cache.delete params[:signup_time_key] if params[:signup_time_key] + end + + def email_domain_blocklist + [ + "livingthere.com", + "click2mail.net", + "janmail.org", + "livingthere.org", + "virtualassistantdubai.com", + "tmpmail.org", + "tmails.ws", + "tmpmail.net", + "tmpmail.ws", + "bareed.ws", + "tmpbox.net", + "moakt.com", + "moakt.co", + "moakt.cc", + "moakt.ws", + "disbox.org", + ] end def may_be_a_bot diff --git a/config/application.rb b/config/application.rb index 61abdd2e159cf8a528b22418ade56a221ff91d2e..158ff7ac354252b13d0ed3f5eba2d38e548e54c7 100644 --- a/config/application.rb +++ b/config/application.rb 
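Review bot: In `check_email`, `params[:address].split("@").last` raises NoMethodError when the `address` parameter is missing, a case the old `find_by` path tolerated, and the comparison is case- and whitespace-sensitive, so a mixed-case domain is not matched against the list. Normalising first avoids both: `domain = params[:address].to_s.strip.downcase.split('@').last`, then `if email_domain_blocklist.include?(domain)`. The list is also applied only in this availability check. The signup action is not part of the diff, so unless it enforces the same list (ideally as a `User` validation), a request that skips `check_email` is never compared against it. The nested `if` inside `else` would read more simply as an `elsif`.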
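Review bot: `email_domain_blocklist` builds a new array on every call and keeps the list inside the controller, where a model validation or an environment setting cannot reuse it. A frozen constant such as `BLOCKED_EMAIL_DOMAINS = %w[livingthere.com click2mail.net].freeze` (with the full list), or a value loaded from configuration, would make it shareable and let operators extend it without a code change. A short comment like `# exact lowercase domains; subdomains are not matched` would document how entries are compared. Whether the method sits under `private`/`protected` cannot be seen from the hunk, so it is worth confirming it is not exposed as a controller action.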
@@ -139,9 +139,13 @@ config.paths['db/migrate'].concat Dir.glob("{baseplugins,config/plugins}/*/db/migrate") config.i18n.load_path.concat Dir.glob("{baseplugins,config/plugins}/*/locales/*.{rb,yml}") - # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone. - # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC. - config.time_zone = File.read('/etc/timezone').split("\n").first + begin + # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone. + # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC. + config.time_zone = File.read('/etc/timezone').split("\n").first + rescue + config.time_zone = :utc + end # timezone varies for each request, see ApplicationController#set_time_zone config.active_record.default_timezone = :utc
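Review bot: The bare `rescue` around `File.read('/etc/timezone')` swallows every StandardError, so a permission problem or a mistake inside the block silently falls back instead of surfacing; `rescue Errno::ENOENT` names the case the fallback is meant for. The fallback value is a Symbol, while `config.time_zone` is documented as taking a zone name string. `:utc` is the form used by `config.active_record.default_timezone`, so `config.time_zone = 'UTC'` looks like the intended line and should be checked by booting on a host without the file. An empty file still yields `nil` from `.split("\n").first`, which the rescue does not cover. The enclosing configuration block starts and ends outside the hunk.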