Spam Accounts are Signing Up for Equalify

[bbertucc]

Looks like babal94442@konetas.com signed up for Equalify. They are running a big scan of pages. This takes away from paying users using our service. How can we prevent this?

Tagging everyone involved with the backend and front end. Hopefully, someone can jump in and plug this vulnerability.

[heythisischris]

@bbertucc Taken care of!

Frontend: https://github.com/EqualifyEverything/equalify-dashboard/commit/a88039f3d0cccdd4ddce123c42bdb0033a602457 Backend: https://github.com/EqualifyEverything/equalify-api/commit/6cc56cf1267696349adb67e4b29ece267ac222e2

I added a new validated column to the users table.

By default, all new accounts have validated set to FALSE. Once we review an account, we can manually set validated to TRUE. Only validated accounts are allowed to perform sitemap scans. All accounts (validated/unvalidated) can perform single scans to demonstrate basic functionality.

Created a PR to merge frontend staging into production: https://github.com/EqualifyEverything/equalify-dashboard/pull/62. Backend is already merged to production.

[bbertucc]

Thanks. Looks good.