Skip to content

rework weights for same name signups #1298

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
mantrakp04 merged 10 commits into from
Apr 12, 2026
Merged

rework weights for same name signups #1298

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
f4aadd3
update submodule
mantrakp04 Mar 28, 2026
dadc71f
Enhance sign-up risk assessment by adding sameEmailCount and sameEmai…
mantrakp04 Mar 28, 2026
d1b6564
Merge branch 'dev' into risk-score-rework
mantrakp04 Apr 4, 2026
b57f005
Add index for normalized sign-up email in ProjectUser model
mantrakp04 Apr 4, 2026
1861da9
Merge branch 'dev' into risk-score-rework
mantrakp04 Apr 6, 2026
526e5eb
Refactor sign-up email index management in ProjectUser model
mantrakp04 Apr 6, 2026
d51d3b0
Merge branch 'dev' into risk-score-rework
mantrakp04 Apr 9, 2026
b58bf1b
Merge branch 'dev' into risk-score-rework
mantrakp04 Apr 9, 2026
f9c7a66
Merge branch 'dev' into risk-score-rework
mantrakp04 Apr 12, 2026
1944c14
Merge branch 'dev' into risk-score-rework
N2D4 Apr 12, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions ...end/prisma/migrations/20260406000000_add_signup_email_normalized_recent_idx/migration.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
-- SPLIT_STATEMENT_SENTINEL
-- SINGLE_STATEMENT_SENTINEL
-- RUN_OUTSIDE_TRANSACTION_SENTINEL
CREATE INDEX CONCURRENTLY IF NOT EXISTS "ProjectUser_signUpEmailNormalized_recent_idx"
ON "ProjectUser"("tenancyId", "isAnonymous", "signUpEmailNormalized", "signedUpAt");
1 change: 1 addition & 0 deletions apps/backend/prisma/schema.prisma
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -332,6 +332,7 @@ model ProjectUser {
@@index([tenancyId, createdAt(sort: Desc)], name: "ProjectUser_createdAt_desc")
@@index([tenancyId, isAnonymous, signedUpAt(sort: Asc)], name: "ProjectUser_signedUpAt_asc")
@@index([tenancyId, isAnonymous, signUpIp, signedUpAt], name: "ProjectUser_signUpIp_recent_idx")
@@index([tenancyId, isAnonymous, signUpEmailNormalized, signedUpAt], name: "ProjectUser_signUpEmailNormalized_recent_idx")
@@index([tenancyId, isAnonymous, signUpEmailBase, signedUpAt], name: "ProjectUser_signUpEmailBase_recent_idx")
@@index([tenancyId, sequenceId], name: "ProjectUser_tenancyId_sequenceId_idx")
@@index([shouldUpdateSequenceId, tenancyId], name: "ProjectUser_shouldUpdateSequenceId_idx")
Expand Down
20 changes: 18 additions & 2 deletions apps/backend/src/lib/risk-scores.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,14 +30,17 @@ export type SignUpRiskAssessment = {
export type SignUpRiskRecentStatsRequest = {
signedUpAt: Date,
signUpIp: string | null,
signUpEmailNormalized: string | null,
signUpEmailBase: string | null,
recentWindowHours: number,
sameIpLimit: number,
sameEmailLimit: number,
similarEmailLimit: number,
};

export type SignUpRiskRecentStats = {
sameIpCount: number,
sameEmailCount: number,
similarEmailCount: number,
};

Expand All @@ -64,7 +67,7 @@ async function loadRecentSignUpStats(
const schema = await getPrismaSchemaForTenancy(tenancy);
const windowStart = new Date(request.signedUpAt.getTime() - request.recentWindowHours * 60 * 60 * 1000);

const [sameIpRows, similarEmailRows] = await Promise.all([
const [sameIpRows, sameEmailRows, similarEmailRows] = await Promise.all([
request.signUpIp == null || request.sameIpLimit === 0
? []
: prisma.$replica().$queryRaw<{ matched: number }[]>`
Expand All @@ -77,6 +80,18 @@ async function loadRecentSignUpStats(
LIMIT ${request.sameIpLimit}
`,

request.signUpEmailNormalized == null || request.sameEmailLimit === 0
? []
: prisma.$replica().$queryRaw<{ matched: number }[]>`
SELECT 1 AS "matched"
FROM ${sqlQuoteIdent(schema)}."ProjectUser"
WHERE "tenancyId" = ${tenancy.id}::UUID
AND "isAnonymous" = false
AND "signedUpAt" >= ${windowStart}
AND "signUpEmailNormalized" = ${request.signUpEmailNormalized}
LIMIT ${request.sameEmailLimit}
Comment thread
mantrakp04 marked this conversation as resolved.
`,
Comment thread
mantrakp04 marked this conversation as resolved.

request.signUpEmailBase == null || request.similarEmailLimit === 0
? []
: prisma.$replica().$queryRaw<{ matched: number }[]>`
Expand All @@ -92,6 +107,7 @@ async function loadRecentSignUpStats(

return {
sameIpCount: sameIpRows.length,
sameEmailCount: sameEmailRows.length,
similarEmailCount: similarEmailRows.length,
};
}
Expand Down Expand Up @@ -144,7 +160,7 @@ import.meta.vitest?.test("loaded private sign-up risk engine can calculate score
turnstileAssessment: { status: "ok" },
}, {
checkPrimaryEmailRisk: async () => ({ emailableScore: null }),
loadRecentSignUpStats: async () => ({ sameIpCount: 0, similarEmailCount: 0 }),
loadRecentSignUpStats: async () => ({ sameIpCount: 0, sameEmailCount: 0, similarEmailCount: 0 }),
});

expect(assessment).toMatchInlineSnapshot(`
Expand Down
2 changes: 1 addition & 1 deletion apps/backend/src/private/implementation
Open in desktop
Submodule implementation updated from e4f32c to 576f38
Loading