Manually authorise signups

I have been working on something similar for blacklisting domains. You can use a rule eg.

function (user, context, callback) {
    var whitelist = 'example.com', 'example.edu']; //authorized domains
    var userHasAccess = whitelist.some(
      function (domain) {
        var emailSplit = user.email.split('@');
        return emailSplit[emailSplit.length - 1].toLowerCase() === domain;
      });

    if (!userHasAccess) {
      return callback(new UnauthorizedError('Access denied.'));
    }

    return callback(null, user, context);
}

to whitelist domains. But this for some reason does not work until after the user signs up! Trying to create a workaround that automatically deletes the blacklisted email user and does not send a verification email on signup, but I am not having much luck.