users: require email verification for signups from proxies.

Require users who signup using proxies to verify their email addresses before they can perform any edits. For verification purposes, the email must be a nondisposable address from a whitelist of trusted email providers.
2020-03-24 02:18:37 -05:00
parent 5faa323729
commit b7bd6c8fdd
10 changed files with 83 additions and 2 deletions
--- a/app/models/email_address.rb
+++ b/app/models/email_address.rb
@@ -2,24 +2,33 @@ class EmailAddress < ApplicationRecord
  # https://www.regular-expressions.info/email.html
  EMAIL_REGEX = /\A[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}\z/

-  belongs_to :user
+  belongs_to :user, inverse_of: :email_address

  validates :address, presence: true, confirmation: true, format: { with: EMAIL_REGEX }
  validates :normalized_address, uniqueness: true
  validates :user_id, uniqueness: true
  validate :validate_deliverable, on: :deliverable
+  after_save :update_user

  def address=(value)
    self.normalized_address = EmailValidator.normalize(value) || address
    super
  end

+  def nondisposable?
+    EmailValidator.nondisposable?(address)
+  end
+
  def validate_deliverable
    if EmailValidator.undeliverable?(address)
      errors[:address] << "is invalid or does not exist"
    end
  end

+  def update_user
+    user.update!(is_verified: is_verified? && nondisposable?)
+  end
+
  concerning :VerificationMethods do
    def verifier
      @verifier ||= Danbooru::MessageVerifier.new(:email_verification_key)
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -63,6 +63,8 @@ class User < ApplicationRecord
    opt_out_tracking
    no_flagging
    no_feedback
+    requires_verification
+    is_verified
  )

  has_bit_flags BOOLEAN_ATTRIBUTES, :field => "bit_prefs"