Skip to content

feat: block Gmail/Googlemail email+password sign-up, prompt Google OAuth#343

Merged
ben-fornefeld merged 1 commit into
mainfrom
devin/1779692721-gmail-oauth-prompt
May 25, 2026
Merged

feat: block Gmail/Googlemail email+password sign-up, prompt Google OAuth#343
ben-fornefeld merged 1 commit into
mainfrom
devin/1779692721-gmail-oauth-prompt

Conversation

@devin-ai-integration

@devin-ai-integration devin-ai-integration Bot commented May 25, 2026

Copy link
Copy Markdown
Contributor

Summary

Prevents users with @gmail.com or @googlemail.com emails from signing up with email+password. Instead, they see an inline info message prompting them to use "Continue with Google" OAuth.

Changes:

  • src/lib/utils/email.ts — new isGoogleEmail() helper that checks the email domain
  • src/app/(auth)/sign-up/page.tsx — client-side: watches the email field in real time; when a Google email is detected, shows an info banner and disables the submit button
  • src/core/server/actions/auth-actions.ts — server-side: returns a server error early in signUpAction if the email is Gmail/Googlemail (defense in depth)
  • src/configs/user-messages.ts — adds the signUpGoogleEmail user-facing message

Review & Testing Checklist for Human

  • Visit /sign-up, enter a @gmail.com email → confirm the info message appears and the submit button is disabled
  • Enter a @googlemail.com email → same behavior
  • Enter a non-Google email (e.g. user@company.com) → confirm the form works normally
  • Verify "Continue with Google" OAuth still works for Google users

Notes

Sign-in with email+password is intentionally not blocked — this only affects new sign-ups. Existing users who already signed up with a Google email and password can still sign in.

Link to Devin session: https://app.devin.ai/sessions/05eb9cf06f4c4e3f9527f0358675235f

@devin-ai-integration @ben-fornefeld
feat: block Gmail/Googlemail sign-up with password, prompt Google OAuth
c75806e 
When a user enters a gmail.com or googlemail.com email during
email+password sign-up, the form now:

- Shows an inline info message prompting them to use Continue with Google
- Disables the submit button on the client side
- Returns a server error if the check is somehow bypassed

Co-Authored-By: ben@e2b.dev <ben@e2b.dev>
@devin-ai-integration

devin-ai-integration Bot commented May 25, 2026

Copy link
Copy Markdown
Contributor Author

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

  • Disable automatic comment and CI monitoring

@cla-bot cla-bot Bot added the cla-signed label May 25, 2026
@vercel

vercel Bot commented May 25, 2026
edited
Loading

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
web Ready Ready Preview, Comment May 25, 2026 7:11am
web-juliett Ready Ready Preview, Comment May 25, 2026 7:11am

Request Review

@ben-fornefeld ben-fornefeld merged commit 6b10529 into main May 25, 2026
15 checks passed
@ben-fornefeld ben-fornefeld deleted the devin/1779692721-gmail-oauth-prompt branch May 25, 2026 07:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ben-fornefeld ben-fornefeld ben-fornefeld approved these changes
@drankou drankou Awaiting requested review from drankou drankou is a code owner

Assignees

No one assigned

Labels

cla-signed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ben-fornefeld