dereklseitz/dlseitz.dev-backend
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: dereklseitz:b1093f3cfca6f6a33805929125581e954fd44227
Branches Tags
dereklseitz:refactor-modular-app dereklseitz:main
..
compare: dereklseitz:5c0b291b4af1d869232a7a612009dc7b8db918d1
Branches Tags
dereklseitz:refactor-modular-app dereklseitz:main

2 Commits
b1093f3cfc ... 5c0b291b4a

Author SHA1 Message Date
dereklseitz
5c0b291b4a fix: Add securityMw.js import 2025-08-21 07:54:52 -05:00
dereklseitz
0dea7fcaec fix: Add corrected refernce to securityMw.js for honeypot and hCaptcha verification 2025-08-21 07:51:58 -05:00
2 changed files with 12 additions and 14 deletions
Expand all files Collapse all files

17
routes/contactRoutes.js
View File

@@ -1,5 +1,5 @@
// The entire module is now a function that accepts 'contactController' as an argument. // The entire module is now a function that accepts 'contactController' and security middleware as an argument.
module.exports = (contactController) => { module.exports = (contactController, securityMw) => {
const express = require('express'); const express = require('express');
const router = express.Router(); const router = express.Router();
const rateLimit = require('express-rate-limit'); const rateLimit = require('express-rate-limit');
@@ -12,17 +12,12 @@ module.exports = (contactController) => {
message: "Too many requests from this IP, please try again after 15 minutes." message: "Too many requests from this IP, please try again after 15 minutes."
}); });
// Define the route for form submissions // Define the route for form submissions with all middleware
router.post('/submit-form', router.post('/submit-form',
apiLimiter, apiLimiter,
// In-line honeypot check // The security middleware is now a separate step,
(req, res, next) => { // containing both the honeypot check and hCaptcha verification.
if (req.body.url) { securityMw.formSecurityCheck,
console.warn('Bot detected! Honeypot field was filled.');
return res.status(200).json({ success: true, message: 'Thank you for your submission.' });
}
next();
},
[ [
// express-validator: sanitation and validation // express-validator: sanitation and validation
body('firstName').trim().escape(), body('firstName').trim().escape(),

7
server.js
View File

@@ -37,8 +37,11 @@ const transporter = nodemailer.createTransport({
const contactController = require('./controllers/contactController')(pool, transporter); const contactController = require('./controllers/contactController')(pool, transporter);
// Import contactRoutes and contactController // Import the security middleware
const contactRoutes = require('./routes/contactRoutes')(contactController); const securityMw = require('./middleware/securityMw');
// Import contactRoutes and contactController, and pass in securityMw
const contactRoutes = require('./routes/contactRoutes')(contactController, securityMw);
// Use contactRoutes to connect the modular router to the main app // Use contactRoutes to connect the modular router to the main app
app.use(contactRoutes); app.use(contactRoutes);