Added feature: Limit Spam Sign Ups in Rails Apps

See https://railsdesigner.com/saas/limit-spam-rails-signups/ for details

Author: eelcoj

Gemfile

@@ -55,3 +55,5 @@ group :development do
   # Use console on exceptions pages [https://github.com/rails/web-console]
   gem "web-console"
 end
+
+gem "invisible_captcha", "~> 2.3"

Gemfile.lock

@@ -108,6 +108,8 @@ GEM
       actionpack (>= 6.0.0)
       activesupport (>= 6.0.0)
       railties (>= 6.0.0)
+    invisible_captcha (2.3.0)
+      rails (>= 5.2)
     io-console (0.7.2)
     irb (1.14.1)
       rdoc (>= 4.0.0)
@@ -347,6 +349,7 @@ DEPENDENCIES
   brakeman
   debug
   importmap-rails
+  invisible_captcha (~> 2.3)
   jbuilder
   kamal
   propshaft

app/controllers/signups_controller.rb

@@ -1,5 +1,6 @@
 class SignupsController < ApplicationController
   allow_unauthenticated_access only: %w[new create]
+  invisible_captcha only: %w[create], timestamp_enabled: false
 
   def new
     @signup = Signup.new

app/models/signup.rb

@@ -10,6 +10,8 @@ class Signup
   validates :password, length: 8..128
   validates :terms, acceptance: true
 
+  validates :email_address, is_not_spam: true
+
   def save
     if valid?
       User.create!(email_address: email_address, password: password).tap do |user|

app/validators/is_not_spam_validator.rb

@@ -0,0 +1,28 @@
+class IsNotSpamValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, email_address)
+    return if email_address.blank?
+
+    if spam? email_address
+      record.errors.add(attribute, options[:message] || "appears suspicious")
+    end
+  end
+
+  private
+
+  MAXIMUM_DOTS = 3
+
+  def spam?(email_address)
+    local_part, domain = email_address.split("@", 2)
+
+    disposable?(domain) || excessive_dots_in?(local_part)
+  end
+
+  def disposable?(domain) = disposable_email_providers.include?(domain)
+
+  # make sure to copy the list of disposable emails providers from:
+  # https://github.com/disposable-email-domains/disposable-email-domains
+  #
+  def disposable_email_providers = File.read("config/disposable_email_providers.txt").split("\n")
+
+  def excessive_dots_in?(local_part) = local_part.count(".") >= MAXIMUM_DOTS
+end

app/views/signups/new.html.erb

@@ -8,5 +8,7 @@
   <%= form.check_box :terms %>
   <%= form.label :terms %><br>
 
+  <%= invisible_captcha %>
+
   <%= form.submit "Sign up" %>
 <% end %>