Safe to use? (Not leaking credentials to client)
Hi,
I plan to use nodemailer to send email, using ServerFunctions.
i it safe to have it setup like this:
Since the creds and transporter are not in the ServerFn
I plan to use nodemailer to send email, using ServerFunctions.
i it safe to have it setup like this:
// get the smtp credentials from the environment variables
const smtpCredentials = {
host: process.env.SMTP_HOST!,
port: parseInt(process.env.SMTP_PORT!),
auth: {
user: process.env.SMTP_USER!,
pass: process.env.SMTP_PASSWORD!,
},
};
// create a transporter object using the default SMTP transport
const transporter = nodemailer.createTransport(smtpCredentials);
export const sendEmail = createServerFn({
method: "POST",
})
.validator((data: { to: string; subject: string; text: string }) => {
if (!data.to || !data.subject || !data.text) {
throw new Error("Missing required fields");
}
return data;
})
.handler(async (ctx) => {
const { to, subject, text } = ctx.data;
console.log(`Sending email to ${to} with subject ${subject} and text ${text}`);
const mailOptions = {
from: `${process.env.SMTP_SENDER_NAME} <${process.env.SMTP_USER}>`,
....// get the smtp credentials from the environment variables
const smtpCredentials = {
host: process.env.SMTP_HOST!,
port: parseInt(process.env.SMTP_PORT!),
auth: {
user: process.env.SMTP_USER!,
pass: process.env.SMTP_PASSWORD!,
},
};
// create a transporter object using the default SMTP transport
const transporter = nodemailer.createTransport(smtpCredentials);
export const sendEmail = createServerFn({
method: "POST",
})
.validator((data: { to: string; subject: string; text: string }) => {
if (!data.to || !data.subject || !data.text) {
throw new Error("Missing required fields");
}
return data;
})
.handler(async (ctx) => {
const { to, subject, text } = ctx.data;
console.log(`Sending email to ${to} with subject ${subject} and text ${text}`);
const mailOptions = {
from: `${process.env.SMTP_SENDER_NAME} <${process.env.SMTP_USER}>`,
....Since the creds and transporter are not in the ServerFn
