import { NextResponse } from "next/server" import nodemailer from "nodemailer" export async function POST(req: Request) { try { const body = await req.json() const { name, email, phone, service, message, recaptchaToken, recaptchaAction } = body const recaptchaSecret = process.env.RECAPTCHA_SECRET_KEY || "6LfqD1osAAAAAEbpEApPkiQUbyjdKYx2OvhY2XTk" const minScore = Number(process.env.RECAPTCHA_MIN_SCORE) || 0.5 if (!recaptchaToken) { return NextResponse.json({ error: "Missing reCaptcha token" }, { status: 400 }) } // 1. Verify reCaptcha v3 const verifyBody = new URLSearchParams({ secret: recaptchaSecret, response: recaptchaToken, }) const recaptchaResponse = await fetch("https://www.google.com/recaptcha/api/siteverify", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: verifyBody.toString(), }) const recaptchaData = await recaptchaResponse.json() if (!recaptchaData.success || recaptchaData.action !== recaptchaAction || recaptchaData.score < minScore) { return NextResponse.json({ error: "reCaptcha verification failed" }, { status: 400 }) } // 2. Configure Nodemailer // NOTE: In a real environment, you'd use your SMTP credentials (Gmail, SendGrid, etc.) const smtpUser = process.env.SMTP_USER const smtpPass = process.env.SMTP_PASS if (!smtpUser || !smtpPass) { return NextResponse.json({ error: "SMTP is not configured" }, { status: 500 }) } const transporter = nodemailer.createTransport({ host: process.env.SMTP_HOST || "smtp.gmail.com", port: Number(process.env.SMTP_PORT) || 587, secure: false, auth: { user: smtpUser, pass: smtpPass, }, }) // 3. Create HTML Email const htmlEmail = `
SkyFly Travel - Uj uzenet / New message
Magyar
Nev
${name}
Email
${email}
Telefonszam
${phone || "-"}
Szolgaltatas tipusa
${service}
Uzenet
${message}
English
Name
${name}
Email
${email}
Phone
${phone || "-"}
Service type
${service}
Message
${message}
© 2026 SkyFly Travel
` // 4. Send Email await transporter.sendMail({ from: `"SkyFly Web" <${process.env.MAIL_FROM || smtpUser}>`, to: "bognar.szilard83@gmail.com", subject: `Weboldal uzenet / Website message: ${name} (${service})`, html: htmlEmail, }) return NextResponse.json({ success: true }) } catch (error) { console.error("Email error:", error) return NextResponse.json({ error: "Failed to send email" }, { status: 500 }) } }