var cmn = require("../$common.js"), fs = require("fs"), child_process = require("child_process"), bodyParser = require("body-parser"); var allowedRecipients = []; var ratelimitAllowed = (function() { var numEvents = 20, period = 24 * 3600 * 1000; var eventList = []; return function ratelimitAllowed() { var now = new Date(); while (now - eventList[0] > period) eventList.unshift(); if (eventList.length >= numEvents) return false; eventList.push(now); return true; }; })(); function sendEmail(recip, text) { var opts = { stdio: ["pipe", "inherit", "inherit"] }; var proc = child_process.spawn("sendmail", [recip], opts); // Make sure it doesn't run indefinitely var timeout = setTimeout(() => {proc.kill();}, 5000); proc.on("exit", () => clearTimeout(timeout)); proc.on("error", err => { console.log("email: Failed to start sendmail:", err); clearTimeout(timeout); }); proc.stdin.on("error", err => { console.log("email: Failed to write to sendmail:", err); clearTimeout(timeout); }); proc.stdin.end( "From: email-module@tomsmeding.com\n" + "To: " + recip + "\n" + "Subject: Mail from email module\n\n" + text ); } module.exports = function(app, io, moddir) { var allowedRecipients = fs.readFileSync(moddir + "/allowed_recipients.txt").toString().trim().split("\n"); var password = fs.readFileSync(moddir + "/password.txt").toString().trim(); app.post("/email", bodyParser.json(), function(req, res) { var body = req.body; console.log(body); if (typeof body != "object" || typeof body.password != "string" || typeof body.to != "string" || typeof body.text != "string" || body.password != password || allowedRecipients.indexOf(body.to) == -1) { res.status(400).send("Invalid request"); return; } var text = body.text.slice(0, 1000000); // 1 MB is enough sendEmail(body.to, body.text); res.end(); }); };