require('dotenv').config()
const express = require("express");
const cors = require("cors");
const nodemailer = require("nodemailer")
const validator = require("validator")
const xssFilters = require("xss-filters")
const rateLimit = require("express-rate-limit");
// Create the Express application; express.json() parses JSON request bodies into req.body.
const app = express()
app.use(express.json())
// cors() is called without options, so no origin allow-list is configured in this file.
// NOTE(review): with the cors package defaults this answers cross-origin requests from any origin;
// access to the mail endpoint then rests on the apiKey check and the rate limiter alone — confirm this is intended.
app.use(cors())
// Answer CORS preflight (OPTIONS) requests on every path.
app.options('*', cors())
// Rate limiter, passed only to the POST / mail route below; the GET / health check is not limited.
// NOTE(review): if the service runs behind a reverse proxy, check that the client address (not the
// proxy's) is what the limiter counts, otherwise all visitors share one bucket.
const limiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 10, // limit each IP to 10 requests per windowMs
});
// Customer records; the mail route matches entries by their apiKey and reads their recipient list.
const customers = require('./customers')
// API endpoint for health checks: always answers 200 "Alive".
// It is registered without the rate limiter and touches neither SMTP nor customer data.
app.get('/', (_req, res) => res.status(200).send("Alive"))
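// API endpoint for sending mail.
// Expects a JSON body with name, email, msg, apiKey and subject. Responds 422 when a field
// fails validation or the apiKey matches no customer, otherwise hands the message to sendMail
// and responds 200. The 200 is sent without waiting for delivery, so it does not confirm
// that the mail was accepted by the SMTP server.
app.post('/', limiter, (req, res) => {
  const attributes = ['name', 'email', 'msg', 'apiKey', 'subject']
  // Tolerate a request whose body was not parsed instead of throwing on property access.
  const body = req.body || {}

  // Log only which expected fields arrived. The raw body contains the customer's apiKey and
  // the visitor's name, address and message, none of which should end up in log files.
  const receivedFields = attributes.filter(n => Object.prototype.hasOwnProperty.call(body, n))
  console.log(`received fields: ${receivedFields.join(', ')}`)

  // cleanRecivedData returns a falsy value for a field that fails validation. Its escaped
  // output is used here only as a pass/fail signal: the mail is sent as plain text, so the
  // original values are forwarded. If an HTML body is ever added, use the escaped values there.
  const sanitizedAttributes = attributes.map(n => cleanRecivedData(n, body[n]))
  const someInvalid = sanitizedAttributes.some(r => !r)
  if (someInvalid) {
    return res.status(422).json({'error': 'invalid args'})
  }

  const customer = customers.find((c) => c.apiKey === body.apiKey)
  if (!customer) {
    return res.status(422).json({'error': "unknown customer"})
  }

  // Build the mail payload from the validated fields only, rather than mutating and passing
  // on req.body: extra client-supplied keys are dropped and the recipient list always comes
  // from the matched customer record, never from the request.
  const mail = {
    name: body.name,
    email: body.email,
    msg: body.msg,
    subject: body.subject,
    recipient: customer.recipient,
  }
  sendMail(mail)
  return res.status(200).json({ 'message': "Send mail" })
})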
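/**
 * Validate one submitted form field and return its HTML-escaped value.
 *
 * @param {string} key - Field name; only name, email, msg, apiKey and subject are known.
 * @param {*} value - Value taken from the JSON request body (untrusted).
 * @returns {string|false} The value passed through xssFilters.inHTMLData when it is valid,
 *   or false when the key is unknown, the value is not a string, or the field's rule fails.
 */
const cleanRecivedData = (key, value) => {
  // Each checker returns true when the value is INVALID for that field.
  const checkerFunctions = {
    name: v => v.length < 4,
    email: v => !validator.isEmail(v),
    msg: v => v.length < 5,
    apiKey: v => v.length < 10,
    subject: v => v.length < 4,
  }

  // A JSON body can carry numbers, arrays, objects, null or omit the field entirely.
  // Reject anything that is not a string up front: a missing field would otherwise throw
  // on `.length`, and an array long enough would pass the length rules.
  if (typeof value !== 'string') {
    return false
  }
  // Own-property lookup, so inherited names such as "constructor" are not treated as fields.
  if (!Object.prototype.hasOwnProperty.call(checkerFunctions, key)) {
    return false
  }
  if (checkerFunctions[key](value)) {
    return false
  }
  return xssFilters.inHTMLData(value)
}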
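/**
 * Send the submitted message to every address in customer.recipient.
 *
 * SMTP settings are read from the environment (SMTP_HOST, SMTP_PORT, SMTP_SSL, SMTP_USER,
 * SMTP_PASS). Delivery is fire-and-forget: the function returns immediately and a failed
 * send is logged rather than reported to the caller.
 *
 * @param {object} customer - Message data: name, email, msg, subject and recipient
 *   (the list of addresses to deliver to).
 */
const sendMail = (customer) => {
  // Only the exact string 'true' switches the transport to an implicit-TLS connection.
  const SMTPSSL = process.env.SMTP_SSL === 'true'

  const transporter = nodemailer.createTransport({
    host: process.env.SMTP_HOST,
    port: process.env.SMTP_PORT,
    secure: SMTPSSL,
    auth: {
      user: process.env.SMTP_USER,
      pass: process.env.SMTP_PASS
    }
  })

  customer.recipient.forEach(email => {
    transporter.sendMail({
      // NOTE(review): the From header is the visitor-supplied address. Receiving servers may
      // reject or flag such mail (SPF/DMARC), and it lets anyone with a valid apiKey send mail
      // that appears to come from an arbitrary address. Consider a fixed sender owned by this
      // service and putting the visitor's address in replyTo instead.
      from: customer.email,
      to: email,
      subject: customer.subject,
      text: `
Nachricht von ${customer.name}:
${customer.msg}
`
    }).catch(err => {
      // Without a handler a failed send becomes an unhandled promise rejection, which on
      // current Node versions terminates the process. Log the reason and keep serving.
      console.error(`sendMail failed: ${err.message}`)
    })
  });
}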
// Start the HTTP server on port 3000.
// NOTE(review): no host is passed to listen(), so the server is not restricted to the loopback
// address even though the log line says localhost; confirm it sits behind a firewall or proxy.
app.listen(3000, function onListening() {
  console.log("running on http://localhost:3000")
})