change mailer slightly to make it a proxy

2024-08-07 09:37:07 +03:00
parent 8424cda3bb
commit 19f649a0d1
3 changed files with 689 additions and 84 deletions
--- a/index.js
+++ b/index.js
@@ -1,112 +1,102 @@
-const express = require('express');
-const cors = require('cors');
-const helmet = require('helmet');
-const rateLimit = require('express-rate-limit');
-const nodemailer = require('nodemailer');
-const morgan = require('morgan');
+const express = require("express");
+const helmet = require("helmet");
+const rateLimit = require("express-rate-limit");
+const nodemailer = require("nodemailer");
+const morgan = require("morgan");

 const app = express();
-const ENV = process.env.ENVIRONMENT || 'TEST';
+const ENV = process.env.ENVIRONMENT || "TEST";
 const SENDER_EMAIL = process.env.EMAIL;
 const SENDER_PASS = process.env.EMAIL_PASSWORD;
 const SERV_HOST = process.env.EMAIL_HOST;
 const SERV_PORT = process.env.EMAIL_PORT;

-const recipients = process.env.ACCESS_KEYS.split(',').map((whole) => {
-	return {
-		key: whole.split(':')[0],
-		recipient: whole.split(':')[1],
-	};
+const allowedIPs = process.env.ALLOWED_IPS.split(",").map((whole) => {
+  return {
+    key: whole.split(":")[0],
+    recipient: whole.split(":")[1],
+  };
 });

-const allowedOrigins = process.env.ALLOWED_ORIGINS.split(',');
-
-app.enable('trust proxy');
-app.disable('x-powered-by');
+app.enable("trust proxy");
+app.disable("x-powered-by");
 app.use(express.json());
 app.use(helmet());
-app.use(morgan('[ :method :url ] ~:status | :date[web] | :total-time[digits] ms | IP :remote-addr | :user-agent'));
+app.use(
+  morgan(
+    "[ :method :url ] ~:status | :date[web] | :total-time[digits] ms | IP :remote-addr | :user-agent"
+  )
+);

 // 10 requests per minute
 const rootLimiter = rateLimit({
-	windowMs: 60 * 1000,
-	max: 10,
+  windowMs: 60 * 1000,
+  max: 10,
 });
+app.use("/", rootLimiter);

-app.use('/', rootLimiter);
+// Middleware function to check IP address
+const ipFilter = (req, res, next) => {
+  const clientIp = req.ip;

-app.use(
-	cors({
-		origin: function (origin, callback) {
-			if (origin && allowedOrigins.includes(origin)) {
-				callback(null, true);
-			} else {
-				callback(new Error(`Origin ${origin} is not allowed by CORS!`));
-				console.warn(`Connection refused: origin ${origin} is not allowed by CORS!`);
-			}
-		},
-	})
-);
-
-app.use((req, res, next) => {
-	const origin = req.headers.origin;
-	if (origin && allowedOrigins.includes(origin)) {
-		next();
-	} else {
-		res.status(403).json({ success: false, message: `Origin ${origin} is not allowed` });
-		console.warn(`Connection refused: origin ${origin} is not allowed`);
-	}
-});
+  if (allowedIPs.includes(clientIp)) {
+    next();
+  } else {
+    res.status(403).send("Access denied");
+  }
+};
+app.use(ipFilter);

 const transporter = nodemailer.createTransport({
-	host: SERV_HOST,
-	port: SERV_PORT,
-	secure: true,
-	auth: {
-		user: SENDER_EMAIL,
-		pass: SENDER_PASS,
-	},
+  host: SERV_HOST,
+  port: SERV_PORT,
+  secure: true,
+  auth: {
+    user: SENDER_EMAIL,
+    pass: SENDER_PASS,
+  },
 });

-// 2 requests per 5 minutes
+// 1 request per minute
 const mailRouteLimiter = rateLimit({
-	windowMs: 5 * 60 * 1000,
-	max: 2,
+  windowMs: 1 * 60 * 1000,
+  max: 1,
 });

-app.post('/api/mail', mailRouteLimiter, (req, res) => {
-	const { subject, text, access } = req.body;
-	let to;
+app.post("/api/mail", mailRouteLimiter, (req, res) => {
+  const { subject, text, recipient } = req.body;

-	if (!recipients.some((recipient) => recipient.key === access)) {
-		console.log('Access denied!');
-		return res.status(403).json({ success: false, message: 'Access denied!' });
-	} else
-		to = recipients.find((recipient) => recipient.key === access).recipient;
+  const mail = {
+    from: `"Arbeit Mail Hizmeti" <${SENDER_EMAIL}>`,
+    recipient,
+    replyTo: "noreply@arbeit.studio",
+    subject,
+    text,
+  };

-	const mail = {
-		from: `"Arbeit Mail Hizmeti" <${SENDER_EMAIL}>`,
-		to,
-		replyTo: 'noreply@arbeit.studio',
-		subject,
-		text,
-	};
-
-	if (ENV === 'PROD') {
-		if (transporter.sendMail(mail)) {
-			console.info('Sent something:', mail);
-			res.status(200).json({ success: true, message: 'Mail sent successfully!' });
-		} else {
-			console.error('Failed to send:', mail);
-			res.status(500).json({ success: false, message: 'Mail could not be sent!' });
-		}
-	} else res.status(200).json(mail);
+  if (ENV === "PROD") {
+    if (transporter.sendMail(mail)) {
+      console.info("Sent something:", mail);
+      res
+        .status(200)
+        .json({ success: true, message: "Mail sent successfully!" });
+    } else {
+      console.error("Failed to send:", mail);
+      res
+        .status(500)
+        .json({ success: false, message: "Mail could not be sent!" });
+    }
+  } else res.status(200).json(mail);
 });

-app.get('/api/hello', (req, res) => {
-	res.status(200).json({ message: 'Hello, World!' });
+app.get("/api/hello", (req, res) => {
+  res.status(200).json({
+    message: "Close the world, .txen eht nepO",
+    author: "Yigid BALABAN <fyb@fybx.dev>",
+    authorHomepage: "https://fybx.dev/",
+  });
 });

 app.listen(3313, () => {
-	console.log('Server up on 3313');
+  console.log("Server up on 3313");
 });