Add ability to block sign-ups from IP (#19037)

author: Eugen Rochko <eugen@zeonfederated.com> 2022-08-24 19:00:37 +0200
committer: GitHub <noreply@github.com> 2022-08-24 19:00:37 +0200
commit: d83faa1a8902c91a5dbd0bf3d9740e3e19c1d623 (patch)
tree: 11ac6179fc4de63220b1ed45e81908f2bcf4c5d3 /app/controllers/auth/registrations_controller.rb
parent: 5920d8fe33d5ecb0c7ca20c3b255216bb8de4aa9 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/app/controllers/auth/registrations_controller.rb b/app/controllers/auth/registrations_controller.rb
index 1c3adbd78..7e86e01ba 100644
--- a/app/controllers/auth/registrations_controller.rb
+++ b/app/controllers/auth/registrations_controller.rb
@@ -82,7 +82,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController
   end
 
   def check_enabled_registrations
-    redirect_to root_path if single_user_mode? || omniauth_only? || !allowed_registrations?
+    redirect_to root_path if single_user_mode? || omniauth_only? || !allowed_registrations? || ip_blocked?
   end
 
   def allowed_registrations?
@@ -93,6 +93,10 @@ class Auth::RegistrationsController < Devise::RegistrationsController
     ENV['OMNIAUTH_ONLY'] == 'true'
   end
 
+  def ip_blocked?
+    IpBlock.where(severity: :sign_up_block).where('ip >>= ?', request.remote_ip.to_s).exists?
+  end
+
   def invite_code
     if params[:user]
       params[:user][:invite_code]
author	Eugen Rochko <eugen@zeonfederated.com>	2022-08-24 19:00:37 +0200
committer	GitHub <noreply@github.com>	2022-08-24 19:00:37 +0200
commit	d83faa1a8902c91a5dbd0bf3d9740e3e19c1d623 (patch)
tree	11ac6179fc4de63220b1ed45e81908f2bcf4c5d3 /app/controllers/auth/registrations_controller.rb
parent	5920d8fe33d5ecb0c7ca20c3b255216bb8de4aa9 (diff)