dereklseitz/dlseitz.dev-backend
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: dereklseitz:b1093f3cfca6f6a33805929125581e954fd44227
Branches Tags
dereklseitz:refactor-modular-app dereklseitz:main
..
compare: dereklseitz:5c0b291b4af1d869232a7a612009dc7b8db918d1
Branches Tags
dereklseitz:refactor-modular-app dereklseitz:main

2 Commits
b1093f3cfc ... 5c0b291b4a

Author SHA1 Message Date
dereklseitz
5c0b291b4a fix: Add securityMw.js import 2025-08-21 07:54:52 -05:00
dereklseitz
0dea7fcaec fix: Add corrected refernce to securityMw.js for honeypot and hCaptcha verification 2025-08-21 07:51:58 -05:00
2 changed files with 12 additions and 14 deletions
Expand all files Collapse all files

19
routes/contactRoutes.js
View File

@@ -1,5 +1,5 @@
// The entire module is now a function that accepts 'contactController' as an argument.
module.exports = (contactController) => {
// The entire module is now a function that accepts 'contactController' and security middleware as an argument.
module.exports = (contactController, securityMw) => {
const express = require('express');
const router = express.Router();
const rateLimit = require('express-rate-limit');
@@ -12,17 +12,12 @@ module.exports = (contactController) => {
message: "Too many requests from this IP, please try again after 15 minutes."
});
// Define the route for form submissions
// Define the route for form submissions with all middleware
router.post('/submit-form',
apiLimiter,
// In-line honeypot check
(req, res, next) => {
if (req.body.url) {
console.warn('Bot detected! Honeypot field was filled.');
return res.status(200).json({ success: true, message: 'Thank you for your submission.' });
}
next();
},
// The security middleware is now a separate step,
// containing both the honeypot check and hCaptcha verification.
securityMw.formSecurityCheck,
[
// express-validator: sanitation and validation
body('firstName').trim().escape(),
@@ -47,4 +42,4 @@ module.exports = (contactController) => {
// Return the configured router
return router;
};
};

7
server.js
View File

@@ -37,8 +37,11 @@ const transporter = nodemailer.createTransport({
const contactController = require('./controllers/contactController')(pool, transporter);
// Import contactRoutes and contactController
const contactRoutes = require('./routes/contactRoutes')(contactController);
// Import the security middleware
const securityMw = require('./middleware/securityMw');
// Import contactRoutes and contactController, and pass in securityMw
const contactRoutes = require('./routes/contactRoutes')(contactController, securityMw);
// Use contactRoutes to connect the modular router to the main app
app.use(contactRoutes);