
separate email client-side validation code

2015
joates 10 years ago
parent 292f2ebf95
commit d7a4038288

1
.gitignore vendored

@ -9,6 +9,7 @@ lib-cov
*.pid *.pid
*.gz *.gz
db
pids pids
logs logs
results results

@ -5,7 +5,7 @@
"main": "server.js", "main": "server.js",
"scripts": { "scripts": {
"start": "echo -n 'building.. '; npm run build && node server.js", "start": "echo -n 'building.. '; npm run build && node server.js",
"build": "browserify src/email.js -o html/assets/js/email.js", "build": "browserify src/email-client.js -o html/assets/js/email.js",
"test": "echo \"Error: no test specified\" && exit 1" "test": "echo \"Error: no test specified\" && exit 1"
}, },
"repository": { "repository": {
@ -26,6 +26,7 @@
"browserify": "^5.11.2", "browserify": "^5.11.2",
"domready": "^1.0.7", "domready": "^1.0.7",
"nodemailer": "^1.3.0", "nodemailer": "^1.3.0",
"valid-email": "0.0.1" "valid-email": "0.0.1",
"xss-escape": "0.0.5"
} }
} }
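Review bot: The dependency list in this hunk gains only `xss-escape`, while `server.js` in the same commit starts calling `require('level')`. Unless `level` is declared in a part of package.json outside the hunk, a fresh `npm install` would leave the `/email` handler throwing on its first request. Add an entry such as `"level": "<version used in development>"` next to the others, pinned like the existing `valid-email` and `xss-escape` entries.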

@ -1,9 +1,7 @@
#!/usr/bin/env node #!/usr/bin/env node
var nodemailer = require('nodemailer') var server = require('http').createServer(handler)
, transporter = nodemailer.createTransport() , sanitize = require('xss-escape')
, server = require('http').createServer(handler)
, email = require('./config.json').email
, rn = require('./src/rng') , rn = require('./src/rng')
, fs = require('fs') , fs = require('fs')
, re = new RegExp('\.js$', 'i') , re = new RegExp('\.js$', 'i')
@ -29,29 +27,42 @@ function handler(req, res) {
if (/^\/email\?/.test(req.url)) { if (/^\/email\?/.test(req.url)) {
var params = require('url').parse(req.url, true) var params = require('url').parse(req.url, true)
if (params && params.query.email) { if (params && params.query.email) {
//console.log('got email:', params.query)
var obj = {}
, email = sanitize(params.query.email)
obj.token = rn()
obj.verified = false
obj.events = { paris: params.query.paris ? true : false }
obj.trace = (req.headers['x-forwarded-for'] || '').split(',')
|| [ req.connection.remoteAddress ]
var db = require('level')('./db/squatconf', { valueEncoding: 'json' })
db.put(email, obj, function(err) {
if (err) cb(err)
// else.. db updated OK
})
/* var nodemailer = require('nodemailer')
var to_addr = params.query.email // @NOTE: , transporter = nodemailer.createTransport()
// Q: do we trust the user input ? , config = require('./config.json')
// A: FUCK NO !!
, url = 'http://squatconf.eu/confirm' , url = 'http://squatconf.eu/confirm'
, link = url +'?email='+ to_addr +'&token='+ rn() +'\n\n' , link = url +'?email='+ email +'&token='+ obj.token +'\n\n'
var opts = { var opts = {
from : email.from from : config.email.from
, to : to_addr , to : email
, subject: email.subject , subject: config.email.subject
, text : email.bodyText.replace(/\%link\%/, link) , text : config.email.bodyText.replace(/\%link\%/, link)
} }
transporter.sendMail(opts, function(err, data) { transporter.sendMail(opts, function(err, data) {
if (err) return console.error('email problem !', err) if (err) throw err
console.log('email sent', data) // validation email sent
console.log('email sent..', data)
}) })
*/
console.log(' got email:', params.query)
} }
res.statusCode = 302 res.statusCode = 302
res.setHeader('Location', '/') res.setHeader('Location', '/')
return res.end() return res.end()
@ -68,5 +79,6 @@ process.on('uncaughtException', function (err) {
}) })
server.listen(port) server.listen(port)
console.error('['+ process.pid +'] server started on port '+ port) console.log('['+ process.pid +'] server started on port '+ port)
console.error('(use ctrl+c to stop server)') console.log('(use Ctrl+c to stop the server)')
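Review bot: In the new `/email` branch of `handler`, the `|| [ req.connection.remoteAddress ]` fallback on `obj.trace` can never run, because `''.split(',')` returns `['']`, which is truthy; choose the source before splitting, e.g. `var xff = req.headers['x-forwarded-for']` then `obj.trace = xff ? xff.split(',') : [ req.connection.remoteAddress ]`, and treat the header as client-supplied unless a trusted proxy sets it. `cb` in the `db.put` callback is not defined in any visible line, so a write error would surface as a ReferenceError rather than being reported; `if (err) return console.error('db put failed', err)` would match the earlier error style. `sanitize()` only HTML-escapes the address and does not validate it, so the `valid-email` check should presumably also run here on the server before the value becomes a database key. Each request also opens the store again through `require('level')(...)` and overwrites any existing record for that address, resetting `verified` to false, which looks unintended; opening the database once at module scope and checking for an existing key first would avoid both. The body of `handler` continues outside this hunk.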
