2026-04-15 02:12:25 +05:00
|
|
|
|
import type { APIRoute } from 'astro';
|
2026-04-19 20:19:24 +05:00
|
|
|
|
import nodemailer from 'nodemailer';
|
|
|
|
|
|
|
|
|
|
|
|
const POCKETBASE_URL = import.meta.env.POCKETBASE_URL || 'http://localhost:8090';
|
|
|
|
|
|
const SMTP_HOST = import.meta.env.SMTP_HOST || 'localhost';
|
|
|
|
|
|
const SMTP_PORT = import.meta.env.SMTP_PORT || '1025';
|
|
|
|
|
|
const NOTIFY_EMAIL = import.meta.env.NOTIFY_EMAIL || 'info@avtourist.ru';
|
|
|
|
|
|
|
|
|
|
|
|
const transporter = nodemailer.createTransport({
|
|
|
|
|
|
host: SMTP_HOST,
|
|
|
|
|
|
port: parseInt(SMTP_PORT),
|
|
|
|
|
|
secure: false,
|
|
|
|
|
|
ignoreTLS: true,
|
|
|
|
|
|
});
|
2026-04-15 02:12:25 +05:00
|
|
|
|
|
2026-04-19 19:32:53 +05:00
|
|
|
|
const RATE_LIMIT_WINDOW = 60 * 1000;
|
|
|
|
|
|
const MAX_REQUESTS = 3;
|
|
|
|
|
|
|
|
|
|
|
|
const requestCounts = new Map<string, { count: number; timestamp: number }>();
|
|
|
|
|
|
|
|
|
|
|
|
function checkRateLimit(ip: string): boolean {
|
|
|
|
|
|
const now = Date.now();
|
|
|
|
|
|
const record = requestCounts.get(ip);
|
|
|
|
|
|
|
|
|
|
|
|
if (!record || now - record.timestamp > RATE_LIMIT_WINDOW) {
|
|
|
|
|
|
requestCounts.set(ip, { count: 1, timestamp: now });
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (record.count >= MAX_REQUESTS) {
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
record.count++;
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function validatePhone(phone: string): boolean {
|
|
|
|
|
|
const cleaned = phone.replace(/\D/g, '');
|
|
|
|
|
|
return cleaned.length >= 10 && cleaned.length <= 15;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2026-04-15 02:12:25 +05:00
|
|
|
|
export const POST: APIRoute = async ({ request }) => {
|
2026-04-19 19:32:53 +05:00
|
|
|
|
const clientIP = request.headers.get('x-forwarded-for')?.split(',')[0] ||
|
|
|
|
|
|
request.headers.get('x-real-ip') ||
|
|
|
|
|
|
'unknown';
|
|
|
|
|
|
|
|
|
|
|
|
if (!checkRateLimit(clientIP)) {
|
|
|
|
|
|
return new Response(JSON.stringify({
|
|
|
|
|
|
success: false,
|
|
|
|
|
|
error: 'Слишком много запросов. Попробуйте позже.'
|
2026-04-19 20:19:24 +05:00
|
|
|
|
}), { status: 429, headers: { 'Content-Type': 'application/json' } });
|
2026-04-19 19:32:53 +05:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-04-15 02:12:25 +05:00
|
|
|
|
try {
|
|
|
|
|
|
const data = await request.json();
|
|
|
|
|
|
|
2026-04-19 20:19:24 +05:00
|
|
|
|
const { name, phone, website } = data;
|
2026-04-19 19:32:53 +05:00
|
|
|
|
|
|
|
|
|
|
if (website) {
|
|
|
|
|
|
return new Response(JSON.stringify({
|
|
|
|
|
|
success: false,
|
|
|
|
|
|
error: 'Спам обнаружен'
|
2026-04-19 20:19:24 +05:00
|
|
|
|
}), { status: 400, headers: { 'Content-Type': 'application/json' } });
|
2026-04-19 19:32:53 +05:00
|
|
|
|
}
|
2026-04-15 02:12:25 +05:00
|
|
|
|
|
|
|
|
|
|
if (!name || !phone) {
|
|
|
|
|
|
return new Response(JSON.stringify({
|
|
|
|
|
|
success: false,
|
|
|
|
|
|
error: 'Имя и телефон обязательны'
|
2026-04-19 20:19:24 +05:00
|
|
|
|
}), { status: 400, headers: { 'Content-Type': 'application/json' } });
|
2026-04-15 02:12:25 +05:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-04-19 19:32:53 +05:00
|
|
|
|
if (name.length < 2 || name.length > 100) {
|
|
|
|
|
|
return new Response(JSON.stringify({
|
|
|
|
|
|
success: false,
|
|
|
|
|
|
error: 'Некорректное имя'
|
2026-04-19 20:19:24 +05:00
|
|
|
|
}), { status: 400, headers: { 'Content-Type': 'application/json' } });
|
2026-04-19 19:32:53 +05:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (!validatePhone(phone)) {
|
|
|
|
|
|
return new Response(JSON.stringify({
|
|
|
|
|
|
success: false,
|
|
|
|
|
|
error: 'Некорректный номер телефона'
|
2026-04-19 20:19:24 +05:00
|
|
|
|
}), { status: 400, headers: { 'Content-Type': 'application/json' } });
|
2026-04-19 19:32:53 +05:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-04-19 20:19:24 +05:00
|
|
|
|
const cleanPhone = phone.replace(/\D/g, '');
|
|
|
|
|
|
|
|
|
|
|
|
const response = await fetch(
|
|
|
|
|
|
`${POCKETBASE_URL}/api/collections/consultations/records`,
|
|
|
|
|
|
{
|
|
|
|
|
|
method: 'POST',
|
|
|
|
|
|
headers: {
|
|
|
|
|
|
'Content-Type': 'application/json',
|
|
|
|
|
|
},
|
|
|
|
|
|
body: JSON.stringify({
|
|
|
|
|
|
name: name.trim(),
|
|
|
|
|
|
phone: cleanPhone,
|
|
|
|
|
|
status: 'new',
|
|
|
|
|
|
}),
|
|
|
|
|
|
}
|
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
|
|
const result = await response.json();
|
|
|
|
|
|
|
|
|
|
|
|
if (!response.ok) {
|
|
|
|
|
|
return new Response(JSON.stringify({
|
|
|
|
|
|
success: false,
|
|
|
|
|
|
error: result.message || 'Ошибка при отправке заявки'
|
|
|
|
|
|
}), { status: response.status, headers: { 'Content-Type': 'application/json' } });
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
const emailHtml = `
|
|
|
|
|
|
<!DOCTYPE html>
|
|
|
|
|
|
<html>
|
|
|
|
|
|
<head>
|
|
|
|
|
|
<meta charset="utf-8">
|
|
|
|
|
|
</head>
|
|
|
|
|
|
<body style="margin: 0; padding: 20px; font-family: Arial, sans-serif; background-color: #f5f7fa;">
|
|
|
|
|
|
<div style="max-width: 600px; margin: 0 auto; background: #ffffff; border-radius: 12px; padding: 30px;">
|
|
|
|
|
|
<h2 style="color: #1e3050; margin: 0 0 20px;">Новая заявка на консультацию!</h2>
|
|
|
|
|
|
<table style="width: 100%; border-collapse: collapse;">
|
|
|
|
|
|
<tr>
|
|
|
|
|
|
<td style="padding: 10px 0; border-bottom: 1px solid #e0e4e8;"><strong>Имя:</strong></td>
|
|
|
|
|
|
<td style="padding: 10px 0; border-bottom: 1px solid #e0e4e8;">${name}</td>
|
|
|
|
|
|
</tr>
|
|
|
|
|
|
<tr>
|
|
|
|
|
|
<td style="padding: 10px 0; border-bottom: 1px solid #e0e4e8;"><strong>Телефон:</strong></td>
|
|
|
|
|
|
<td style="padding: 10px 0; border-bottom: 1px solid #e0e4e8;"><a href="tel:${cleanPhone}">${phone}</a></td>
|
|
|
|
|
|
</tr>
|
|
|
|
|
|
<tr>
|
|
|
|
|
|
<td style="padding: 10px 0;"><strong>Дата:</strong></td>
|
|
|
|
|
|
<td style="padding: 10px 0;">${new Date().toLocaleString('ru-RU')}</td>
|
|
|
|
|
|
</tr>
|
|
|
|
|
|
</table>
|
|
|
|
|
|
</div>
|
|
|
|
|
|
</body>
|
|
|
|
|
|
</html>
|
|
|
|
|
|
`.trim();
|
|
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
|
await transporter.sendMail({
|
|
|
|
|
|
from: 'avtourist@surgut.ru',
|
|
|
|
|
|
to: NOTIFY_EMAIL,
|
|
|
|
|
|
subject: `Новая заявка от ${name}`,
|
|
|
|
|
|
html: emailHtml,
|
|
|
|
|
|
});
|
|
|
|
|
|
console.log('Email notification sent');
|
|
|
|
|
|
} catch (emailError) {
|
|
|
|
|
|
console.error('Email send error:', emailError);
|
|
|
|
|
|
}
|
2026-04-15 02:12:25 +05:00
|
|
|
|
|
|
|
|
|
|
return new Response(JSON.stringify({
|
|
|
|
|
|
success: true,
|
|
|
|
|
|
message: 'Заявка отправлена! Мы свяжемся с вами в течение 15 минут.',
|
2026-04-19 20:19:24 +05:00
|
|
|
|
id: result.id
|
|
|
|
|
|
}), { status: 201, headers: { 'Content-Type': 'application/json' } });
|
2026-04-15 02:12:25 +05:00
|
|
|
|
|
|
|
|
|
|
} catch (error: any) {
|
|
|
|
|
|
console.error('Consultation error:', error);
|
|
|
|
|
|
|
|
|
|
|
|
return new Response(JSON.stringify({
|
|
|
|
|
|
success: false,
|
|
|
|
|
|
error: error.message || 'Ошибка при отправке заявки'
|
2026-04-19 20:19:24 +05:00
|
|
|
|
}), { status: 400, headers: { 'Content-Type': 'application/json' } });
|
2026-04-15 02:12:25 +05:00
|
|
|
|
}
|
|
|
|
|
|
};
|
