🔒 (auth) Block disposable emails during sign up

2023-07-27 09:29:17 +02:00
parent 320cffc420
commit abc3abd86b
1 changed files with 9 additions and 0 deletions
--- a/apps/builder/src/pages/api/auth/[...nextauth].ts
+++ b/apps/builder/src/pages/api/auth/[...nextauth].ts
@ -16,6 +16,7 @@ import { getNewUserInvitations } from '@/features/auth/helpers/getNewUserInvitat
 import { sendVerificationRequest } from '@/features/auth/helpers/sendVerificationRequest'
 import { Ratelimit } from '@upstash/ratelimit'
 import { Redis } from '@upstash/redis/nodejs'
+import got from 'got'

 const providers: Provider[] = []

@ -172,6 +173,14 @@ export const authOptions: AuthOptions = {
    signIn: async ({ account, user }) => {
      if (!account) return false
      const isNewUser = !('createdAt' in user && isDefined(user.createdAt))
+      if (isNewUser && user.email) {
+        const { body } = await got.get(
+          'https://raw.githubusercontent.com/disposable-email-domains/disposable-email-domains/master/disposable_email_blocklist.conf'
+        )
+        const disposableEmailDomains = body.split('\n')
+        if (disposableEmailDomains.includes(user.email.split('@')[1]))
+          return false
+      }
      if (process.env.DISABLE_SIGNUP === 'true' && isNewUser && user.email) {
        const { invitations, workspaceInvitations } =
          await getNewUserInvitations(prisma, user.email)