From 683772f7b5a5eb22b6a6b56a5553ece5472477a1 Mon Sep 17 00:00:00 2001
From: chrisjsimpson <chris.j.simpson@live.co.uk>
Date: Mon, 11 Nov 2024 22:05:34 +0000
Subject: [PATCH] #1421 expand spam email check to new_customer checkout step

---
 subscribie/blueprints/checkout/__init__.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/subscribie/blueprints/checkout/__init__.py b/subscribie/blueprints/checkout/__init__.py
index bbce1ea2..dea26b8a 100644
--- a/subscribie/blueprints/checkout/__init__.py
+++ b/subscribie/blueprints/checkout/__init__.py
@@ -25,6 +25,7 @@
     SubscriptionNote,
     Setting,
     TaxRate,
+    SpamEmailDomain,
 )
 from subscribie.email import EmailMessageQueue
 from subscribie.utils import (
@@ -45,7 +46,6 @@
     signal_payment_failed,
     signal_new_donation,
 )
-from subscribie.notifications import newSubscriberEmailNotification
 import stripe
 import backoff
 import os
@@ -66,6 +66,15 @@ def donate_form():
 
 @checkout.route("/new_customer", methods=["GET"])
 def new_customer():
+    # Verify that shop owner email address is not
+    # a suspected SUSPECTED_SPAM_EMAIL_DOMAINS
+    user = User.query.first()
+    SUSPECTED_SPAM_EMAIL_DOMAINS = [d.domain for d in SpamEmailDomain.query.all()]
+    user_email_domain = user.email.split("@")[1]
+    if user_email_domain in SUSPECTED_SPAM_EMAIL_DOMAINS:
+        log.error(f"SUSPECTED_SPAM_EMAIL_DOMAIN {user.email} " "attempted to sign up")
+        return "<h1>Please contact support before signing-up, thank you.</h1>"
+
     session["subscribie_checkout_session_id"] = str(uuid4())
     plan = Plan.query.filter_by(uuid=request.args["plan"]).first()
     if plan is None: