2025-08-20 22:41:58 -05:00
parent 3f4c21cebd
commit b1093f3cfc


@@ -4,9 +4,6 @@ module.exports = (contactController) => {
const router = express.Router();
const rateLimit = require('express-rate-limit');
const { body, validationResult } = require('express-validator');
// Remove the old require statement since we are getting the controller as an argument
// const contactController = require('../controllers/contactController');
const { formSecurityCheck } = require('../middleware/securityMw');
// 🛡️ Configure rate limiting to prevent DDoS and spamming
const apiLimiter = rateLimit({
@@ -18,7 +15,14 @@ module.exports = (contactController) => {
// Define the route for form submissions
router.post('/submit-form',
apiLimiter,
// In-line honeypot check
(req, res, next) => {
if (req.body.url) {
console.warn('Bot detected! Honeypot field was filled.');
return res.status(200).json({ success: true, message: 'Thank you for your submission.' });
}
next();
},
[
// express-validator: sanitation and validation
body('firstName').trim().escape(),
@@ -37,8 +41,6 @@ module.exports = (contactController) => {
}
next();
},
// The security middleware
// formSecurityCheck,
// The controller, which is the final step
contactController.submitForm
);
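Review bot: The in-line honeypot handler in the `/submit-form` chain reads `req.body.url` directly, which throws a TypeError (and so returns a 500) whenever no body parser has populated `req.body`, for example on an unexpected Content-Type; whether a parser is mounted upstream is not visible here, so `if (req.body?.url) {` is the safer guard. Because a hit is answered with the same 200 as a real submission, a browser autofill that populates a field named `url` would silently discard a legitimate message, so the warning should carry enough context to spot false positives, e.g. `console.warn('Honeypot field filled; submission dropped', { ip: req.ip });`. The commented-out `formSecurityCheck` step in the last hunk appears to be dropped, which would leave this check and the rate limiter as the only bot filtering visible on this route; it is worth confirming that is intended. The enclosing `module.exports` function starts and ends outside the hunks shown.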