From ffca4b054388b4e2fbf774457aa4715516a2c4e5 Mon Sep 17 00:00:00 2001
From: James Cole <thegrumpydictator@gmail.com>
Date: Mon, 12 Dec 2016 15:27:56 +0100
Subject: [PATCH] More code for #456

---
 app/Http/Controllers/Auth/RegisterController.php | 11 ++++++++++-
 resources/lang/en_US/validation.php              |  1 +
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php
index 2a62f91ff8..3696f41806 100755
--- a/app/Http/Controllers/Auth/RegisterController.php
+++ b/app/Http/Controllers/Auth/RegisterController.php
@@ -92,9 +92,18 @@ class RegisterController extends Controller
         // is user email domain blocked?
         if ($this->isBlockedDomain($data['email'])) {
             $validator->getMessageBag()->add('email', (string)trans('validation.invalid_domain'));
-
             $this->reportBlockedDomainRegistrationAttempt($data['email'], $request->ip());
+            $this->throwValidationException($request, $validator);
+        }
 
+        // is user a deleted user?
+        $hash          = hash('sha256', $data['email']);
+        $configuration = FireflyConfig::get('deleted_users', []);
+        $set           = $configuration->data;
+        if (in_array($hash, $set)) {
+            // user already deleted, cannot re-register :(
+            $validator->getMessageBag()->add('email', (string)trans('validation.deleted_user'));
+            $this->reportBlockedDomainRegistrationAttempt($data['email'], $request->ip());
             $this->throwValidationException($request, $validator);
         }
 
diff --git a/resources/lang/en_US/validation.php b/resources/lang/en_US/validation.php
index 33f05b180e..7905a9f4c8 100644
--- a/resources/lang/en_US/validation.php
+++ b/resources/lang/en_US/validation.php
@@ -12,6 +12,7 @@
 return [
     'iban'                           => 'This is not a valid IBAN.',
     'unique_account_number_for_user' => 'It looks like this account number is already in use.',
+    'deleted_user'                   => 'Due to security constraints, you cannot register using this email address.',
     'rule_trigger_value'             => 'This value is invalid for the selected trigger.',
     'rule_action_value'              => 'This value is invalid for the selected action.',
     'invalid_domain'                 => 'Due to security constraints, you cannot register from this domain.',