
Check signups against email domain blocklist

Achilleas Koutsou vor 5 Jahren
Ursprung
Commit
24504e0677
2 geänderte Dateien mit 49 neuen und 0 gelöschten Zeilen
  1. 15 0
      models/error.go
  2. 34 0
      models/user.go

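--- a/models/error.go
+++ b/models/error.go
@@ -34,6 +34,21 @@ func (err ErrNamePatternNotAllowed) Error() string {
 	return fmt.Sprintf("name pattern is not allowed [pattern: %s]", err.Pattern)
 }
 
+type ErrBlockedDomain struct {
+	Email string
+}
+
+func IsErrBlockedDomain(err error) bool {
+	_, ok := err.(ErrBlockedDomain)
+	fmt.Printf("Error type is BlockedDomain: %t\n", ok)
+	return ok
+}
+
+func (err ErrBlockedDomain) Error() string {
+	// don't inform the user of the blocked domain
+	return fmt.Sprintf("user sign up failed")
+}
+
 //  ____ ___
 // |    |   \______ ___________
 // |    |   /  ___// __ \_  __ \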
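Review bot: `IsErrBlockedDomain` writes `Error type is BlockedDomain: ...` to stdout through `fmt.Printf` on every call, which looks like leftover debugging and bypasses the `log` package that models/user.go uses; that line should be dropped. In `Error()`, `fmt.Sprintf("user sign up failed")` has no format arguments, so `return "user sign up failed"` is equivalent and keeps `go vet` quiet. The new exported type and predicate have no doc comments; something like `// ErrBlockedDomain is returned when a sign-up email matches the domain blocklist; Error() deliberately omits the address.` would record why the message is generic. The struct still carries `Email`, so a caller that formats the value itself rather than calling `Error()` would expose the address.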

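--- a/models/user.go
+++ b/models/user.go
@@ -5,6 +5,7 @@
 package models
 
 import (
+	"bufio"
 	"bytes"
 	"container/list"
 	"crypto/sha256"
@@ -15,6 +16,7 @@ import (
 	_ "image/jpeg"
 	"image/png"
 	"os"
+	"path"
 	"path/filepath"
 	"strings"
 	"time"
@@ -492,6 +494,31 @@ func IsUserExist(uid int64, name string) (bool, error) {
 	return x.Where("id != ?", uid).Get(&User{LowerName: strings.ToLower(name)})
 }
 
+func IsBlockedDomain(email string) (bool, error) {
+	fpath := path.Join(setting.CustomPath, "blocklist")
+	if !com.IsExist(fpath) {
+		return false, nil
+	}
+
+	f, err := os.Open(fpath)
+	if err != nil {
+		log.Error(2, "Failed to open file %q: %v", fpath, err)
+		return false, nil
+	}
+	defer f.Close()
+
+	scanner := bufio.NewScanner(f)
+	for scanner.Scan() {
+		// Check provided email address against each line as suffix
+		if strings.HasSuffix(email, scanner.Text()) {
+			log.Trace("New user email matched blocked domain: %q", email)
+			return true, nil
+		}
+	}
+
+	return false, nil
+}
+
 // GetUserSalt returns a ramdom user salt token.
 func GetUserSalt() (string, error) {
 	return tool.RandomString(10)
@@ -561,6 +588,13 @@ func CreateUser(u *User) (err error) {
 		return ErrEmailAlreadyUsed{u.Email}
 	}
 
+	isBlocked, err := IsBlockedDomain(u.Email)
+	if err != nil {
+		return err
+	} else if isBlocked {
+		return ErrBlockedDomain{u.Email}
+	}
+
 	u.LowerName = strings.ToLower(u.Name)
 	u.AvatarEmail = u.Email
 	u.Avatar = tool.HashEmail(u.AvatarEmail)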
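Review bot: The match in `IsBlockedDomain` is a raw, case-sensitive `strings.HasSuffix(email, scanner.Text())`, so an empty line in the blocklist is a suffix of every address and rejects all sign-ups, an entry `example.com` also rejects `user@notexample.com`, and an address whose domain differs only in letter case is not matched. The function also never returns a non-nil error: an `os.Open` failure and an unchecked `scanner.Err()` both fail open, which leaves the `err != nil` branch added to `CreateUser` unreachable. I would compare the lower-cased domain part against trimmed, non-empty entries and surface the scanner error, as sketched below, assuming entries are bare domains (the blocklist format is not shown on this page). Smaller points: `filepath.Join` (already imported) is the right call for an on-disk path rather than `path.Join`, and the `log.Trace` line records the full address. `CreateUser` begins and continues outside the hunk.

```go
	// … unchanged: blocklist path lookup, os.Open and defer f.Close() …
	domain := strings.ToLower(email[strings.LastIndex(email, "@")+1:])
	scanner := bufio.NewScanner(f)
	for scanner.Scan() {
		entry := strings.ToLower(strings.TrimSpace(scanner.Text()))
		if entry == "" {
			continue // an empty line is a suffix of every address
		}
		if domain == entry || strings.HasSuffix(domain, "."+entry) {
			// … unchanged: trace log and return true, nil …
		}
	}
	if err := scanner.Err(); err != nil {
		return false, err
	}
	return false, nil
```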