emails: hardcode nondisposable email list.

Hardcode the list of nondisposable email providers instead of making it a config option. Also add a few new providers. This was previously a config option to keep it secret, but there's not much need for secrecy here. A Restricted user's email must be on this list to unrestrict their account. If a user is Restricted and their email is not in this list, then it's assumed to be disposable and can't be used to unrestrict their account even if they verify their email address.
2021-09-05 18:21:35 -05:00
parent 19f01d4554
commit 28edd5a22a
4 changed files with 74 additions and 21 deletions
--- a/config/danbooru_default_config.rb
+++ b/config/danbooru_default_config.rb
@@ -551,19 +551,6 @@ module Danbooru
      nil
    end

-    # The whitelist of email domains allowed for account verification purposes.
-    # If a user signs up from a proxy, they must verify their account using an
-    # email address from one of the domains on this list before they can do
-    # anything on the site. This is meant to prevent users from using
-    # disposable emails to create sockpuppet accounts.
-    #
-    # If this list is empty or nil, then there are no restrictions on which
-    # email domains can be used to verify accounts.
-    def email_domain_verification_list
-      # ["gmail.com", "outlook.com", "yahoo.com"]
-      []
-    end
-
    # Cloudflare API token. Used to purge URLs from Cloudflare's cache when a
    # post is replaced. The token must have 'zone.cache_purge' permissions.
    # https://support.cloudflare.com/hc/en-us/articles/200167836-Managing-API-Tokens-and-Keys