fix: correct app.use()

server.js

@@ -1,47 +1,52 @@
-// contactRoutes.js
+const nodemailer = require('nodemailer');
 const express = require('express');
-const router = express.Router();
+const path = require('path');
+const { Pool } = require('pg');
 const rateLimit = require('express-rate-limit');
-const { body, validationResult } = require('express-validator');
+require('dotenv').config();
+const app = express();
+const port = process.env.SERVER_PORT || 3000;
 
-// The entire module is now a function that accepts 'contactController' and security middleware as an argument.
+// Middleware to parse incoming JSON data from the frontend
-module.exports = (contactController, securityMw) => {
+app.use(express.json());
 
-    // 🛡️ Configure rate limiting to prevent DDoS and spamming
+// Middleware to serve static files (like index.html, styles.css, script.js)
-    const apiLimiter = rateLimit({
+const STATIC_DIR = process.env.STATIC_DIR || 'public'
-        windowMs: 15 * 60 * 1000, // 15 minutes
+app.use(express.static(path.join(__dirname, STATIC_DIR)));
-        max: 5,
-        message: "Too many requests from this IP, please try again after 15 minutes."
-    });
 
-    // Define the route for form submissions with all middleware
+// Database connection pool setup using environment variables for security
-    router.post('/submit-form',
+const pool = new Pool({
-        apiLimiter,
+    user: process.env.DB_USER,
-        // The security middleware is now a separate step,
+    host: process.env.DB_HOST,
-        // containing both the honeypot check and hCaptcha verification.
+    database: process.env.DB_DATABASE,
-        securityMw.formSecurityCheck,
+    password: process.env.DB_PASSWORD,
-        [
+    port: process.env.DB_PORT,
-            // express-validator: sanitation and validation
+});
-            body('firstName').trim().escape(),
+
-            body('lastName').trim().escape(),
+// Nodemailer transporter setup for sending emails
-            body('email').isEmail().normalizeEmail(),
+const transporter = nodemailer.createTransport({
-            body('organization').trim().escape(),
+    host: process.env.EMAIL_HOST,
-            body('phone').trim(),
+    port: process.env.EMAIL_PORT,
-            body('message').trim().escape(),
+    secure: false,
-        ],
+    requireTLS: true,
-        // Middleware to handle the express-validator results
+    auth: {
-        (req, res, next) => {
+        user: process.env.EMAIL_USER,
-            const errors = validationResult(req);
+        pass: process.env.EMAIL_PASS,
-            if (!errors.isEmpty()) {
-                console.error('Validation failed:', errors.array());
-                return res.status(400).json({ success: false, message: 'Invalid form data.' });
-            }
-            next();
     },
-        // The controller, which is the final step
+});
-        contactController.submitForm
-    );
 
-    // Return the configured router
+const contactController = require('./controllers/contactController')(pool, transporter);
-    return router;
+
-};
+// Import the security middleware
+const securityMw = require('./middleware/securityMw');
+
+// Import contactRoutes and contactController, and pass in securityMw
+const contactRoutes = require('./routes/contactRoutes')(contactController, securityMw);
+
+// Use contactRoutes to connect the modular router to the main app
+app.use(contactRoutes);
+
+// Start the server
+app.listen(port, () => {
+    console.log(`Server listening at http://localhost:${port}`);
+});