mailer is an admin method, so added auth check to request

This commit is contained in:
Ro 2020-07-02 13:43:40 -07:00
parent 5227b1faa1
commit 09efd3c348

View file

@ -1,75 +1,83 @@
import Settings, { SETTINGS_FILE } from '../../data/Settings'; import Settings, { SETTINGS_FILE } from '../../data/Settings';
import Auth from '../../data/Auth';
var express = require('express'); var express = require('express');
var router = express.Router(); var router = express.Router();
var nodemailer = require('nodemailer'); var nodemailer = require('nodemailer');
var mg = require('nodemailer-mailgun-transport'); var mg = require('nodemailer-mailgun-transport');
const pug = require('pug'); const pug = require('pug');
const settings = new Settings(); const settings = new Settings();
const auth = new Auth();
router.post('/', function (req, res) { router.post('/', function (req, res) {
settings auth.authCheck(req)
.load(SETTINGS_FILE) .then(() => {
.then(settings => { settings
let transport = ''; .load(SETTINGS_FILE)
var auth = ''; .then(settings => {
switch (settings.email.active) { let transport = '';
case 'option-smtp': var auth = '';
auth = { switch (settings.email.active) {
host: settings.email.smtp.domain, case 'option-smtp':
port: 587, auth = {
secure: false, host: settings.email.smtp.domain,
auth: { port: 587,
type: 'login', secure: false,
user: settings.email.smtp, auth: {
pass: settings.email.smtp.password type: 'login',
} user: settings.email.smtp,
}; pass: settings.email.smtp.password
transport = nodemailer.createTransport(auth); }
break; };
case 'option-mg': transport = nodemailer.createTransport(auth);
auth = { break;
auth: { case 'option-mg':
api_key: settings.email.mailgun.key, auth = {
domain: settings.email.mailgun.domain auth: {
} api_key: settings.email.mailgun.key,
}; domain: settings.email.mailgun.domain
transport = nodemailer.createTransport(mg(auth)); }
break; };
} transport = nodemailer.createTransport(mg(auth));
let render = pug.compileFile('brain/views/email/base.pug'); break;
let html = render({
title: settings.global.title,
header: 'a note from ' + settings.global.title,
content: req.body.content,
footer: 'powered by fipamo'
});
transport.sendMail(
{
from: 'control@playvico.us',
to: req.session.user.email, // An array if you have multiple recipients.
subject: 'Hey beautiful',
//You can use "html:" to send HTML email content. It's magic!
html: html
//You can use "text:" to send plain-text content. It's oldschool!
//text: 'Mailgun rocks, pow pow!'
},
function (err, info) {
if (err) {
res.json({
message: 'MAIL ERROR',
desc: err
});
} else {
//console.log(info);
res.json({
message: 'MAIL SENT',
desc: info
});
} }
} let render = pug.compileFile('brain/views/email/base.pug');
); let html = render({
title: settings.global.title,
header: 'a note from ' + settings.global.title,
content: req.body.content,
footer: 'powered by fipamo'
});
transport.sendMail(
{
from: 'control@playvico.us',
to: req.session.user.email, // An array if you have multiple recipients.
subject: 'Hey beautiful',
//You can use "html:" to send HTML email content. It's magic!
html: html
//You can use "text:" to send plain-text content. It's oldschool!
//text: 'Mailgun rocks, pow pow!'
},
function (err, info) {
if (err) {
res.json({
message: 'MAIL ERROR',
desc: err
});
} else {
//console.log(info);
res.json({
message: 'MAIL SENT',
desc: info
});
}
}
);
})
.catch(() => {
//console.error(err);
});
}) })
.catch(() => { .catch(err => {
//console.error(err); res.json(err);
}); });
}); });
module.exports = router; module.exports = router;