Новые изменения в проекте
parent
d14d67893b
commit
beeec4740e
3 changed files with 129 additions and 9 deletions
|
|
@ -1,11 +1,56 @@
|
|||
import type { APIRoute } from 'astro';
|
||||
import { pb } from '../../lib/pb';
|
||||
|
||||
const RATE_LIMIT_WINDOW = 60 * 1000;
|
||||
const MAX_REQUESTS = 3;
|
||||
|
||||
const requestCounts = new Map<string, { count: number; timestamp: number }>();
|
||||
|
||||
function checkRateLimit(ip: string): boolean {
|
||||
const now = Date.now();
|
||||
const record = requestCounts.get(ip);
|
||||
|
||||
if (!record || now - record.timestamp > RATE_LIMIT_WINDOW) {
|
||||
requestCounts.set(ip, { count: 1, timestamp: now });
|
||||
return true;
|
||||
}
|
||||
|
||||
if (record.count >= MAX_REQUESTS) {
|
||||
return false;
|
||||
}
|
||||
|
||||
record.count++;
|
||||
return true;
|
||||
}
|
||||
|
||||
function validatePhone(phone: string): boolean {
|
||||
const cleaned = phone.replace(/\D/g, '');
|
||||
return cleaned.length >= 10 && cleaned.length <= 15;
|
||||
}
|
||||
|
||||
export const POST: APIRoute = async ({ request }) => {
|
||||
const clientIP = request.headers.get('x-forwarded-for')?.split(',')[0] ||
|
||||
request.headers.get('x-real-ip') ||
|
||||
'unknown';
|
||||
|
||||
if (!checkRateLimit(clientIP)) {
|
||||
return new Response(JSON.stringify({
|
||||
success: false,
|
||||
error: 'Слишком много запросов. Попробуйте позже.'
|
||||
}), { status: 429 });
|
||||
}
|
||||
|
||||
try {
|
||||
const data = await request.json();
|
||||
|
||||
const { name, phone, service } = data;
|
||||
const { name, phone, service, website } = data;
|
||||
|
||||
if (website) {
|
||||
return new Response(JSON.stringify({
|
||||
success: false,
|
||||
error: 'Спам обнаружен'
|
||||
}), { status: 400 });
|
||||
}
|
||||
|
||||
if (!name || !phone) {
|
||||
return new Response(JSON.stringify({
|
||||
|
|
@ -14,9 +59,23 @@ export const POST: APIRoute = async ({ request }) => {
|
|||
}), { status: 400 });
|
||||
}
|
||||
|
||||
if (name.length < 2 || name.length > 100) {
|
||||
return new Response(JSON.stringify({
|
||||
success: false,
|
||||
error: 'Некорректное имя'
|
||||
}), { status: 400 });
|
||||
}
|
||||
|
||||
if (!validatePhone(phone)) {
|
||||
return new Response(JSON.stringify({
|
||||
success: false,
|
||||
error: 'Некорректный номер телефона'
|
||||
}), { status: 400 });
|
||||
}
|
||||
|
||||
const record = await pb.collection('consultations').create({
|
||||
name,
|
||||
phone,
|
||||
name: name.trim(),
|
||||
phone: phone.replace(/\D/g, ''),
|
||||
service: service || '',
|
||||
status: 'new',
|
||||
created_at: new Date().toISOString(),
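Review bot: The rate-limit key in `POST` is taken from the first `x-forwarded-for` value, which the client controls unless a trusted proxy overwrites it, so the limit of three requests per window can be sidestepped by varying the header, and every request without the header shares the single `'unknown'` bucket. Because `requestCounts` is keyed by that string and entries are never deleted, the map also grows without bound. Prefer the address Astro supplies, `async ({ request, clientAddress }) =>` with `const clientIP = clientAddress;`, or honour the forwarded header only when the deployment's proxy is known to set it, and drop expired entries in `checkRateLimit`. The handler's body continues past the end of the hunk.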
|
||||
|
|
|
|||