prevent signup with disposable mail

api/dashboard_integration_test.go

@@ -4024,7 +4024,7 @@ func (u *UserIntegrationTestSuite) Test_RegisterUser() {
 	r := &models.RegisterUser{
 		FirstName:        "test",
 		LastName:         "test",
-		Email:            "test@test.com",
+		Email:            "test@convoy.com",
 		Password:         "123456",
 		OrganisationName: "test",
 	}
@@ -4077,7 +4077,7 @@ func (u *UserIntegrationTestSuite) Test_RegisterUser_RegistrationNotAllowed() {
 	r := &models.RegisterUser{
 		FirstName:        "test",
 		LastName:         "test",
-		Email:            "test@test.com",
+		Email:            "test@convoy.com",
 		Password:         "123456",
 		OrganisationName: "test",
 	}
@@ -4108,7 +4108,7 @@ func (u *UserIntegrationTestSuite) Test_RegisterUser_NoFirstName() {
 	r := &models.RegisterUser{
 		FirstName:        "test",
 		LastName:         "test",
-		Email:            "test@test.com",
+		Email:            "test@convoy.com",
 		Password:         "123456",
 		OrganisationName: "test",
 	}
@@ -4138,7 +4138,7 @@ func (u *UserIntegrationTestSuite) Test_RegisterUser_NoEmail() {
 	r := &models.RegisterUser{
 		FirstName:        "test",
 		LastName:         "test",
-		Email:            "test@test.com",
+		Email:            "test@convoy.com",
 		Password:         "123456",
 		OrganisationName: "test",
 	}

api/handlers/user.go

@@ -17,13 +17,22 @@ import (
 	m "github.com/frain-dev/convoy/internal/pkg/middleware"
 )
 
+const (
+	ErrDisposableEmailNotAllowed = "disposable email not allowed."
+)
+
 func (h *Handler) RegisterUser(w http.ResponseWriter, r *http.Request) {
 	var newUser models.RegisterUser
 	if err := util.ReadJSON(r, &newUser); err != nil {
 		_ = render.Render(w, r, util.NewErrorResponse(err.Error(), http.StatusBadRequest))
 		return
 	}
 
+	if newUser.EmailIsDisposable() {
+		_ = render.Render(w, r, util.NewErrorResponse(ErrDisposableEmailNotAllowed, http.StatusBadRequest))
+		return
+	}
+
 	if err := newUser.Validate(); err != nil {
 		_ = render.Render(w, r, util.NewErrorResponse(err.Error(), http.StatusBadRequest))
 		return

api/models/user.go

@@ -1,6 +1,8 @@
 package models
 
 import (
+	emailverifier "github.com/AfterShip/email-verifier"
+
 	"github.com/frain-dev/convoy/auth"
 	"github.com/frain-dev/convoy/datastore"
 	"github.com/frain-dev/convoy/util"
@@ -27,6 +29,17 @@ func (ru *RegisterUser) Validate() error {
 	return util.Validate(ru)
 }
 
+func (ru *RegisterUser) EmailIsDisposable() bool {
+	ret, err := emailverifier.NewVerifier().
+		EnableAutoUpdateDisposable().
+		Verify(ru.Email)
+	if err != nil {
+		return false
+	}
+
+	return ret.Disposable
+}
+
 type UpdateUser struct {
 	FirstName string `json:"first_name" valid:"required~please provide a first name"`
 	LastName  string `json:"last_name" valid:"required~please provide a last name"`

api/testdb/seed.go

@@ -535,7 +535,7 @@ func SeedUser(db database.Database, email, password string) (*datastore.User, er
 	}
 
 	if email == "" {
-		email = "test@test.com"
+		email = "test@convoy.com"
 	}
 
 	user := &datastore.User{

database/postgres/users_test.go

@@ -43,7 +43,7 @@ func Test_CreateUser(t *testing.T) {
 					UID:                        ulid.Make().String(),
 					FirstName:                  "test",
 					LastName:                   "test",
-					Email:                      "test@test.com",
+					Email:                      "test@convoy.com",
 					EmailVerified:              true,
 					Password:                   "dvsdvdkhjskuis",
 					ResetPasswordToken:         "dvsdvdkhjskuis",
@@ -55,7 +55,7 @@ func Test_CreateUser(t *testing.T) {
 					UID:       ulid.Make().String(),
 					FirstName: "test",
 					LastName:  "test",
-					Email:     "test@test.com",
+					Email:     "test@convoy.com",
 				},
 			},
 		},

go.mod

@@ -4,6 +4,7 @@ go 1.21
 
 require (
 	cloud.google.com/go/pubsub v1.33.0
+	github.com/AfterShip/email-verifier v1.4.0
 	github.com/Subomi/go-authz v0.2.0
 	github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d
 	github.com/aws/aws-sdk-go v1.44.327
@@ -147,6 +148,7 @@ require (
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/hashicorp/go-version v1.7.0 // indirect
+	github.com/hbollon/go-edlib v1.6.0 // indirect
 	github.com/imdario/mergo v0.3.16 // indirect
 	github.com/in-toto/in-toto-golang v0.5.0 // indirect
 	github.com/invopop/yaml v0.2.0 // indirect

go.sum

@@ -385,6 +385,8 @@ github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9
 github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8=
 github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0 h1:59MxjQVfjXsBpLy+dbd2/ELV5ofnUkUZBvWSC85sheA=
 github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0/go.mod h1:OahwfttHWG6eJ0clwcfBAHoDI6X/LV/15hx/wlMZSrU=
+github.com/AfterShip/email-verifier v1.4.0 h1:DoQplvVFVhZUfS5fPiVnmCQDr5i1tv+ivUV0TFd2AZo=
+github.com/AfterShip/email-verifier v1.4.0/go.mod h1:JNPV1KZpTq4TArmss1NAOJsTD8JRa/ZElbCAJCEgikg=
 github.com/AlecAivazis/survey/v2 v2.3.7 h1:6I/u8FvytdGsgonrYsVn2t8t4QiRnh6QSTqkkhIiSjQ=
 github.com/AlecAivazis/survey/v2 v2.3.7/go.mod h1:xUTIdE4KCOIjsBAE1JYsUPoCqYdZ1reCfTwbto0Fduo=
 github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
@@ -1181,6 +1183,8 @@ github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t
 github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
 github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 h1:YBftPWNWd4WwGqtY2yeZL2ef8rHAxPBD8KFhJpmcqms=
 github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0/go.mod h1:YN5jB8ie0yfIUg6VvR9Kz84aCaG7AsGZnLjhHbUqwPg=
+github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542 h1:2VTzZjLZBgl62/EtslCrtky5vbi9dd7HrQPQIx6wqiw=
+github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542/go.mod h1:Ow0tF8D4Kplbc8s8sSb3V2oUCygFHVp8gC3Dn6U4MNI=
 github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed h1:5upAirOpQc1Q53c0bnx2ufif5kANL7bfZWcc6VJWJd8=
 github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed/go.mod h1:tMWxXQ9wFIaZeTI9F+hmhFiGpFmhOHzyShyFUhRm0H4=
 github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q=
@@ -1217,6 +1221,8 @@ github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO
 github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ=
 github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I=
 github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc=
+github.com/hbollon/go-edlib v1.6.0 h1:ga7AwwVIvP8mHm9GsPueC0d71cfRU/52hmPJ7Tprv4E=
+github.com/hbollon/go-edlib v1.6.0/go.mod h1:wnt6o6EIVEzUfgbUZY7BerzQ2uvzp354qmS2xaLkrhM=
 github.com/hibiken/asynq v0.19.0/go.mod h1:tyc63ojaW8SJ5SBm8mvI4DDONsguP5HE85EEl4Qr5Ig=
 github.com/hibiken/asynq v0.21.0/go.mod h1:tyc63ojaW8SJ5SBm8mvI4DDONsguP5HE85EEl4Qr5Ig=
 github.com/hibiken/asynq v0.23.0/go.mod h1:K70jPVx+CAmmQrXot7Dru0D52EO7ob4BIun3ri5z1Qw=
@@ -1508,6 +1514,7 @@ github.com/nats-io/nats.go v1.9.1/go.mod h1:ZjDU1L/7fJ09jvUSRVBR2e7+RnLiiIQyqyzE
 github.com/nats-io/nkeys v0.1.0/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w=
 github.com/nats-io/nkeys v0.1.3/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w=
 github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
+github.com/nbio/st v0.0.0-20140626010706-e9e8d9816f32/go.mod h1:9wM+0iRr9ahx58uYLpLIr5fm8diHn0JbqRycJi6w0Ms=
 github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM=
 github.com/newrelic/go-agent/v3 v3.0.0/go.mod h1:H28zDNUC0U/b7kLoY4EFOhuth10Xu/9dchozUiOseQQ=
 github.com/newrelic/go-agent/v3 v3.15.2/go.mod h1:1A1dssWBwzB7UemzRU6ZVaGDsI+cEn5/bNxI0wiYlIc=
@@ -2071,6 +2078,7 @@ golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw
 golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
 golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU=
 golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
+golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
 golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30=
 golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
@@ -2205,6 +2213,7 @@ golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
 golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
 golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
+golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U=
 golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w=
 golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
@@ -2406,6 +2415,7 @@ golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
 golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
 golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
+golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0=
 golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q=
 golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -2798,6 +2808,8 @@ gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df h1:n7WqCuqOuCbNr617RXOY0AW
 gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df/go.mod h1:LRQQ+SO6ZHR7tOkpBDuZnXENFzX8qRjMDMyPD6BRkCw=
 gopkg.in/guregu/null.v4 v4.0.0 h1:1Wm3S1WEA2I26Kq+6vcW+w0gcDo44YKYD7YIEJNHDjg=
 gopkg.in/guregu/null.v4 v4.0.0/go.mod h1:YoQhUrADuG3i9WqesrCmpNRwm1ypAgSHYqoOcTu/JrI=
+gopkg.in/h2non/gock.v1 v1.1.2 h1:jBbHXgGBK/AoPVfJh5x4r/WxIrElvbLel8TCZkkZJoY=
+gopkg.in/h2non/gock.v1 v1.1.2/go.mod h1:n7UGz/ckNChHiK05rDoiC4MYSunEC/lyaUm2WWaDva0=
 gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
 gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
 gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=

services/login_user_test.go

@@ -48,13 +48,13 @@ func TestLoginUserService_Run(t *testing.T) {
 			name: "should_login_user_with_valid_credentials",
 			args: args{
 				ctx:  ctx,
-				user: &models.LoginUser{Username: "test@test.com", Password: "123456"},
+				user: &models.LoginUser{Username: "test@convoy.com", Password: "123456"},
 			},
 			wantUser: &datastore.User{
 				UID:       "12345",
 				FirstName: "test",
 				LastName:  "test",
-				Email:     "test@test.com",
+				Email:     "test@convoy.com",
 			},
 			dbFn: func(u *LoginUserService) {
 				us, _ := u.UserRepo.(*mocks.MockUserRepository)
@@ -68,7 +68,7 @@ func TestLoginUserService_Run(t *testing.T) {
 					UID:       "12345",
 					FirstName: "test",
 					LastName:  "test",
-					Email:     "test@test.com",
+					Email:     "test@convoy.com",
 					Password:  string(p.Hash),
 				}, nil)
 			},
@@ -93,7 +93,7 @@ func TestLoginUserService_Run(t *testing.T) {
 			name: "should_not_login_with_invalid_password",
 			args: args{
 				ctx:  ctx,
-				user: &models.LoginUser{Username: "test@test.com", Password: "12345"},
+				user: &models.LoginUser{Username: "test@convoy.com", Password: "12345"},
 			},
 			dbFn: func(u *LoginUserService) {
 				us, _ := u.UserRepo.(*mocks.MockUserRepository)
@@ -107,7 +107,7 @@ func TestLoginUserService_Run(t *testing.T) {
 					UID:       "12345",
 					FirstName: "test",
 					LastName:  "test",
-					Email:     "test@test.com",
+					Email:     "test@convoy.com",
 					Password:  string(p.Hash),
 				}, nil)
 			},

services/register_user_test.go

@@ -57,7 +57,7 @@ func TestRegisterUserService_Run(t *testing.T) {
 				user: &models.RegisterUser{
 					FirstName:        "test",
 					LastName:         "test",
-					Email:            "test@test.com",
+					Email:            "test@convoy.com",
 					Password:         "123456",
 					OrganisationName: "test",
 				},
@@ -66,7 +66,7 @@ func TestRegisterUserService_Run(t *testing.T) {
 				UID:       "12345",
 				FirstName: "test",
 				LastName:  "test",
-				Email:     "test@test.com",
+				Email:     "test@convoy.com",
 			},
 			dbFn: func(u *RegisterUserService) {
 				us, _ := u.UserRepo.(*mocks.MockUserRepository)
@@ -96,7 +96,7 @@ func TestRegisterUserService_Run(t *testing.T) {
 				user: &models.RegisterUser{
 					FirstName:        "test",
 					LastName:         "test",
-					Email:            "test@test.com",
+					Email:            "test@convoy.com",
 					Password:         "123456",
 					OrganisationName: "test",
 				},
@@ -116,7 +116,7 @@ func TestRegisterUserService_Run(t *testing.T) {
 				user: &models.RegisterUser{
 					FirstName:        "test",
 					LastName:         "test",
-					Email:            "test@test.com",
+					Email:            "test@convoy.com",
 					Password:         "123456",
 					OrganisationName: "test",
 				},
@@ -125,7 +125,7 @@ func TestRegisterUserService_Run(t *testing.T) {
 				UID:       "12345",
 				FirstName: "test",
 				LastName:  "test",
-				Email:     "test@test.com",
+				Email:     "test@convoy.com",
 			},
 			dbFn: func(u *RegisterUserService) {
 				us, _ := u.UserRepo.(*mocks.MockUserRepository)
@@ -152,7 +152,7 @@ func TestRegisterUserService_Run(t *testing.T) {
 				user: &models.RegisterUser{
 					FirstName:        "test",
 					LastName:         "test",
-					Email:            "test@test.com",
+					Email:            "test@convoy.com",
 					Password:         "123456",
 					OrganisationName: "test",
 				},