Merge pull request 'Enhance submitContactForm function to improve input sanitization and response handling. Update documentation to clarify that the endpoint does not require authentication. Implement checks for empty responses and specific error handling for authenticati…' (#35) from feat/booking-panel into master

Reviewed-on: http://35.207.46.142/ATTUNE-HEART-THERAPY/website/pulls/35
2025-12-01 18:04:52 +00:00 · 2025-12-01 18:04:52 +00:00 · e72c7e105a
commit e72c7e105a
parent 51ca53af88 6fb6e97341
1 changed files with 23 additions and 7 deletions
--- a/lib/actions/auth.ts
+++ b/lib/actions/auth.ts
@ -452,7 +452,7 @@ export interface ContactFormResponse {
 }

 /**
- * Submit contact form
+ * Submit contact form (public endpoint - no authentication required)
 */
 export async function submitContactForm(
  data: ContactFormInput
@ -462,18 +462,34 @@ export async function submitContactForm(
      method: "POST",
      headers: {
        "Content-Type": "application/json",
+        "Accept": "application/json",
      },
      body: JSON.stringify({
-        name: data.name,
-        email: data.email,
-        phone: data.phone,
-        message: data.message,
+        name: data.name.trim(),
+        email: data.email.trim().toLowerCase(),
+        phone: data.phone.trim(),
+        message: data.message.trim(),
      }),
    });

-    const responseData = await response.json();
+    // Handle empty responses
+    const contentType = response.headers.get("content-type");
+    let responseData: any;
+    
+    if (contentType && contentType.includes("application/json")) {
+      const text = await response.text();
+      responseData = text ? JSON.parse(text) : {};
+    } else {
+      const text = await response.text();
+      responseData = text ? { message: text } : {};
+    }

    if (!response.ok) {
+      // Check for authentication error specifically
+      if (response.status === 401 || response.status === 403) {
+        throw new Error("Contact form submission requires authentication. Please contact support if this is a public form.");
+      }
+      
      const error: ApiError = responseData;
      throw new Error(extractErrorMessage(error));
    }
@ -483,7 +499,7 @@ export async function submitContactForm(
    if (error instanceof Error) {
      throw error;
    }
-    throw new Error("Failed to submit contact form");
+    throw new Error("Failed to submit contact form. Please try again later.");
  }
 }