我正在使用Devise作为用户身份验证运行Rails 5应用程序。最近,我开始看到许多垃圾邮件用户注册,通常使用相同的名字和姓氏,其形式为:first_name
:asldkn,last_name
:asldkn。对于垃圾邮件用户来说,情况总是如此。
由于我目前不想处理它,所以我只修改了注册控制器:
if params[:user][:first_name] == params[:user][:last_name]
render json: { message: 'Bots are not welcome :-)' }, status: 401
else
@user = User.new(user_params)
if @user.save
sign_in(@user)
if request.referer.include?('fallback_id')
user = User.friendly.find(params[:fallback_id])
redirect_to team_user_path(user.team, user)
elsif request.referer.include?('fallback_camp_id')
camp = Camp.friendly.find(params[:fallback_camp_id])
redirect_to camp
elsif request.referer.include?('fallback_plan_id')
plan = Plan.friendly.find(params[:fallback_plan_id])
redirect_to team_plan_path(20, plan)
else
redirect_to current_user.team
end
unless @user.team.id == 52
NewRegistrationMailer.new_registration(@user).deliver_now
end
else
redirect_to new_user_team_registration_path(@team),
flash: { notice: "Unable to sign in. Please check all fields and try again." }
end
end
我有2个问题:
1)为什么电子邮件仍会发送给first_name == last_name的用户?而且,更具体地说,如何确保未将欢迎电子邮件发送给垃圾邮件用户?
2)Devise and Rails中有防止垃圾邮件注册的最佳实践方法吗?
谢谢