diff --git a/index.js b/index.js
index ba0438c..b57ead3 100644
--- a/index.js
+++ b/index.js
@@ -116,6 +116,8 @@ DB.getDB.then((DB) => {
 if(!email) return res.json({status: "provide valid email"});
 let r = await DB.getInvitation(email);
 if(!r) return res.json({status: "no invitation found with that email"});
+ let isUserAlreadyRegistered = await DB.getUser(email);
+ if(isUserAlreadyRegistered && isUserAlreadyRegistered._id) return res.json({status: "This user is already registered"});
 return res.json({status: "ok", ... r});
 });
@@ -131,6 +133,8 @@ DB.getDB.then((DB) => {
 // Check if the new user has an invitation.
 // TODO: Alert admin of signup attempts via email.
 if (!await DB.getInvitation(email)) return res.json({ status: "Not invitation found!" });
+ let isUserAlreadyRegistered = await DB.getUser(email);
+ if(isUserAlreadyRegistered && isUserAlreadyRegistered._id) return res.json({status: "This user is already registered"});
 // Hash password to be stored on the DB.
 // TODO: I think this is missing a Salt factor to improve security
 const hashedPassword = await bcrypt.hash(password, 10);
diff --git a/routes/profile.js b/routes/profile.js
index 1e5478b..128838c 100644
--- a/routes/profile.js
+++ b/routes/profile.js
@@ -84,6 +84,8 @@ DB.getDB.then((DB)=>{
 if(!email) return res.json({status: "provide valid email"});
 let r = await DB.getInvitation(email);
 if(!r) return res.json({status: "no invitation found with that email"});
+ let isUserAlreadyRegistered = await DB.getUser(email);
+ if(isUserAlreadyRegistered && isUserAlreadyRegistered._id) return res.json({status: "This user is already registered"});
 return res.json({status: "ok", ... r});
 });
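Review bot: The added `This user is already registered` reply in the invitation lookup of index.js (and the identical two lines in the routes/profile.js hunk) gives the caller a third distinguishable answer per email, so the route now tells apart invited, registered and unknown addresses. If these lookups are reachable without an authenticated session, which the hunk does not show, consider returning one generic status for the no-invitation and already-registered cases and rate limiting the route. The same check is now pasted in three places and the variable `isUserAlreadyRegistered` holds a user document rather than a boolean; a shared helper such as `const isRegistered = async (email) => Boolean((await DB.getUser(email))?._id);` would keep the three call sites consistent. The handler starts outside the hunk.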
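Review bot: The `DB.getUser(email)` lookup added before hashing in the signup handler is a check-then-insert, so two concurrent signups for the same invited email can both pass it before either user is written; the insert itself is outside the hunk. The guarantee should come from the datastore, for example a unique index on the email field with the duplicate-key error mapped to the same `This user is already registered` response, keeping this lookup only as a fast path. It is also worth confirming that `email` is normalised (trimmed, lower-cased) identically in `getInvitation`, `getUser` and the insert, otherwise a case variant of a registered address would presumably pass this check.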