Prevent signup using anonymous mail domains

[leecalcote]

Current Behavior

Anyone can signup to use the Meshery Playground. Signup is necessary to ensure accountability given the open cluster nature of the playground.

Desired Behavior

Disallow signups from the following domains:

• @duck.com
• @anonaddy.me
• @protonmail.com
• @tuta.io

Implementation

Field validation using javascript and regex.

Acceptance Tests

1. Users who signup with any of the domains listed above are not allowed to submit the form.
2. Users who signup with any of the domains listed above are shown the following message:

"Use of the is not allowed. Please use a non-anonymous email address / domain.

The Meshery Playground is connected to live Kubernetes cluster(s) and allows users full-control over those clusters. Requiring users to register a non-anonymous user account keeps the Playground safe and healthy for all to enjoy. Without requiring users to sign-in, the Meshery Playground would allow anonymous access for anyone and everyone to potentially perform nefarious acts. Sign-up to receive a user account, entitled with perpetually free and full access the Playground environment."

---

Contributor Guide

[codingmickey]

Hi @leecalcote, I would like to work on this! Should I start with it?

[leecalcote]

Sounds good, @codingmickey

[codingmickey]

Hi, @leecalcote how should the given message be displayed according to you?

• A modal including that message
• Below the form inputs in red
• or any other way that is better for the user to understand and has good UX

[leecalcote]

Thanks for asking. I'm in favor of the method in your second bullet point, which includes disabling (or keeping disabled) the Submit button until each field's criteria is satisfied.