Feat: prevent non work emails #3993
Conversation
|
|
|
What you've done to block domains on the backend is sound, but I would put the same logic within the body of How this will behave with Google SSO is that they will always be able to complete the sign in flow, but we'll prevent new user registration if the email is on the blacklist. So "[email protected]" is ok, but "[email protected]" is not. I'll take a look at how we can limit this set of changes to |
Checking canonical URL sounds easy, vs a FF which one you think makes most sense? I have local changes to add the FF if we wanna go that route 😄 |
|
And remember that this is an experiment for now. So we should try to be pragmatic if there are ways to cut corners. |
Probably both is good imo! |
FE-wise the only question is wether to block personal emails in invite or allow them, either isn't much work, it's mostly a product question |
When blocking in invite would you do it in the actual invite flow or when the user tries to sign up using that email? Or both. I'm not sure yet if blocking on invite is needed to start. I don't think so right now. |
|
📸 Preview service has generated an image. |
|
📸 Preview service has generated an image. |
|
📸 Preview service has generated an image. |
|
📸 Preview service has generated an image. |
|
📸 Preview service has generated an image. |
|
📸 Preview service has generated an image. |
|
📸 Preview service has generated an image. |
|
📸 Preview service has generated an image. |
|
📸 Preview service has generated an image. |
|
📸 Preview service has generated an image. |
|
📸 Preview service has generated an image. |
|
📸 Preview service has generated an image. |
Mikehrn
dismissed stale reviews from gjedlicska and andrewwallacespeckle
via
cf25d2a
| @@ -89,6 +89,11 @@ | |||
| "type": "boolean", | |||
| "description": "Forces onboarding for all users", | |||
| "default": false | |||
| }, | |||
| "noPersonalEmailsEnabled": { | |||
There was a problem hiding this comment.
The negation (no) is tricky to decipher. Might have been better as AllowPersonalEmails or PersonalEmailsEnabled, and flip the logic internally.
There was a problem hiding this comment.
Wouldn't that cause it to block personal emails on all deployments? This is an experiment we want to run briefly, maybe just a week or so, to see the results on app. For now this is not a permanent product change so should have as little impact as possible on other deployments
There was a problem hiding this comment.
It should be true (i.e. existing behaviour) by default.
There was a problem hiding this comment.
Ah yeah true, good morning, I don't really wanna spend too much more time on this, I think we should go with this for now, and we can improve if it this becomes a permanent change (I do agree with your point tho)
| @@ -130,7 +130,7 @@ describe('GraphQL @apps-api', () => { | |||
| ;({ sendRequest } = await initializeTestServer(ctx)) | |||
| testUser = { | |||
| name: 'Dimitrie Stefanescu', | |||
| email: 'didimitrie@gmail.com', | |||
| email: 'didimitrie@example.org', | |||
There was a problem hiding this comment.
Nice, I like the example.org usage 👍
|
📸 Preview service has generated an image. |
This blocks signing up with a non-work email, as an experiment to see how it impacts our numbers. @cdriesler I gave blocking it when using single sign-on a shot, but not sure if this is correct. Please roast me if needed :D
I will leave this as a draft for now. Dont merge yet.