NextAuth.js
import NextAuth from "next-auth";
import GoogleProvider from "next-auth/providers/google";
import CredentialsProvider from "next-auth/providers/credentials";
async function isDisposable(email) {
try {
const r = await fetch(
`https://api.disposableguard.com/v1/check?email=${encodeURIComponent(email)}`,
{ headers: { Authorization: `Bearer ${process.env.DG_KEY}` } }
);
if (!r.ok) return false;
const data = await r.json();
return data.is_disposable === true;
} catch {
return false;
}
}
export const authOptions = {
providers: [
CredentialsProvider({
async authorize(credentials) {
if (await isDisposable(credentials.email)) {
throw new Error("Please use a real email address.");
}
// ...your auth logic
return { id: "1", email: credentials.email };
},
}),
],
};Notes
Check in the `authorize` callback for credentials-based auth. For OAuth providers, the email is already verified by the provider.