From df5fddefc08e91e38fff94b54ac7981e6866668f Mon Sep 17 00:00:00 2001
From: Cory Dransfeldt <hi@coryd.dev>
Date: Tue, 8 Oct 2024 10:05:47 -0700
Subject: [PATCH] chore: email denylist

---
 workers/contact/index.js  | 18 +++++++++++++-----
 workers/scrobble/index.js |  2 +-
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/workers/contact/index.js b/workers/contact/index.js
index 6658bb10..9762e53a 100644
--- a/workers/contact/index.js
+++ b/workers/contact/index.js
@@ -25,13 +25,23 @@ export default {
         const email = formData.get('email')
         const message = formData.get('message')
         const hpName = formData.get('hp_name')
-
         if (hpName) return new Response('Spam detected', { status: 400 })
         if (!name || !email || !message) return new Response('Invalid input', { status: 400 })
 
+        const emailDomain = email.split('@')[1].toLowerCase()
         const supabaseUrl = env.SUPABASE_URL
         const supabaseKey = env.SUPABASE_KEY
         const supabase = createClient(supabaseUrl, supabaseKey)
+        const { data: blockedDomains, error: domainError } = await supabase
+          .from('blocked_domains')
+          .select('domain_name')
+
+        if (domainError) throw new Error(`Failed to fetch blocked domains: ${domainError.message}`)
+
+        const domainList = blockedDomains.map(item => item['domain_name'].toLowerCase())
+
+        if (domainList.includes(emailDomain)) return new Response('Email domain is blocked.', { status: 400 })
+
         const { error } = await supabase.from('contacts').insert([
           { name, email, message, replied: false }
         ])
@@ -40,15 +50,13 @@ export default {
 
         const forwardEmailApiKey = env.FORWARDEMAIL_API_KEY
         const authHeader = 'Basic ' + btoa(`${forwardEmailApiKey}:`)
-
         const emailData = new URLSearchParams({
-          from: 'hi@admin.coryd.dev',
+          from: `${name} <hi@admin.coryd.dev>`,
           to: 'hi@coryd.dev',
-          subject: 'New contact form submission',
+          subject: `${message}`,
           text: `Name: ${name}\nEmail: ${email}\nMessage: ${message}`,
           replyTo: email
         }).toString()
-
         const response = await fetch('https://api.forwardemail.net/v1/emails', {
           method: 'POST',
           headers: {
diff --git a/workers/scrobble/index.js b/workers/scrobble/index.js
index 3bc5af24..6322bcdb 100644
--- a/workers/scrobble/index.js
+++ b/workers/scrobble/index.js
@@ -16,7 +16,7 @@ const sanitizeMediaString = (str) => {
 
 const sendEmail = async (subject, text, authHeader, maxRetries = 3) => {
   const emailData = new URLSearchParams({
-    from: 'hi@admin.coryd.dev',
+    from: '<coryd.dev> hi@admin.coryd.dev',
     to: 'hi@coryd.dev',
     subject: subject,
     text: text,