Block disposable email signups in Astro
Astro's server endpoints (with SSR or hybrid output) work like Express handlers. Add the check in the POST handler for your signup form.
The code
// src/pages/api/signup.ts
import type { APIRoute } from 'astro';
async function isDisposable(email: string) {
const r = await fetch(
`https://api.checkdisposable.email/v1/check?email=${encodeURIComponent(email)}`,
{ headers: { Authorization: `Bearer ${import.meta.env.CDE_KEY}` } }
);
if (!r.ok) return false;
return (await r.json()).is_disposable === true;
}
export const POST: APIRoute = async ({ request }) => {
const form = await request.formData();
const email = String(form.get('email') ?? '');
if (await isDisposable(email)) {
return new Response(
JSON.stringify({ error: 'Please use a real email address.' }),
{ status: 400, headers: { 'content-type': 'application/json' } }
);
}
return new Response(JSON.stringify({ ok: true }), {
headers: { 'content-type': 'application/json' },
});
};Notes
- Enable SSR or hybrid
- Set `output: "server"` (or `"hybrid"` and `export const prerender = false` on this route) in astro.config.mjs. Endpoints don't run in fully static builds.
- Auth: Better Auth or Clerk
- Most Astro signup flows wrap Better Auth or Clerk. Drop the check before calling their signup function — the endpoint stays the same.
- Edge-compatible
- The handler uses only standard fetch — runs unchanged on Cloudflare, Vercel, Deno, or Netlify edge adapters.
Get a free API key
500 checks/month, no credit card. No credit card. 30 seconds.
Sign up free →