refactor: enhance security and performance in configuration and API routes

- Update Content Security Policy (CSP) in next.config.ts to avoid `unsafe-eval` in production, improving security against XSS attacks.
- Refactor API routes to enforce admin authentication and session validation, ensuring secure access to sensitive endpoints.
- Optimize analytics data retrieval by using database aggregation instead of loading all records into memory, improving performance and reducing memory usage.
- Implement session token creation and verification for better session management and security across the application.
- Enhance error handling and input validation in various API routes to ensure robustness and prevent potential issues.
2026-01-11 22:44:26 +01:00
parent 9cc03bc475
commit 9072faae43
28 changed files with 433 additions and 288 deletions


@@ -2,10 +2,8 @@ import { type NextRequest, NextResponse } from "next/server";
import nodemailer from "nodemailer";
import SMTPTransport from "nodemailer/lib/smtp-transport";
import Mail from "nodemailer/lib/mailer";
import { PrismaClient } from '@prisma/client';
import { checkRateLimit, getRateLimitHeaders } from '@/lib/auth';
const prisma = new PrismaClient();
import { prisma } from '@/lib/prisma';
// Sanitize input to prevent XSS
function sanitizeInput(input: string, maxLength: number = 10000): string {
@@ -95,12 +93,6 @@ export async function POST(request: NextRequest) {
const user = process.env.MY_EMAIL ?? "";
const pass = process.env.MY_PASSWORD ?? "";
console.log('🔑 Environment check:', {
hasEmail: !!user,
hasPassword: !!pass,
emailHost: user.split('@')[1] || 'unknown'
});
if (!user || !pass) {
console.error("❌ Missing email/password environment variables");
return NextResponse.json(
@@ -123,11 +115,10 @@ export async function POST(request: NextRequest) {
connectionTimeout: 30000, // 30 seconds
greetingTimeout: 30000, // 30 seconds
socketTimeout: 60000, // 60 seconds
// Additional TLS options for better compatibility
tls: {
rejectUnauthorized: false, // Allow self-signed certificates
ciphers: 'SSLv3'
}
// TLS hardening (allow insecure only when explicitly enabled)
tls: process.env.SMTP_ALLOW_INSECURE_TLS === 'true'
? { rejectUnauthorized: false }
: { rejectUnauthorized: true, minVersion: 'TLSv1.2' }
};
// Creating transport with configured options
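Review bot: The `SMTP_ALLOW_INSECURE_TLS === 'true'` branch of the new `tls` option turns certificate verification off with no environment guard and no log line, so a leftover variable in a production deployment silently removes server authentication from the SMTP connection that presumably carries the `MY_EMAIL`/`MY_PASSWORD` login. That branch also drops the protocol floor that the strict branch sets; `? { rejectUnauthorized: false, minVersion: 'TLSv1.2' }` would keep it. I would additionally honour the flag only when `process.env.NODE_ENV !== 'production'` and emit a `console.warn` whenever verification is disabled, so the weakened state is visible in logs. The transport options object and the POST handler both begin and end outside this hunk, so how the options reach `createTransport` is not visible here.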