torsten/miriamgemeinde
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Entferne Debug-Logging aus der SMTP-Konfiguration und schütze sensible Benutzerdaten in den Benutzer-Controller-Methoden. Füge sichere Rückgaben ohne Passwörter hinzu und verbessere die Fehlerprotokollierung für Benutzeroperationen.

Browse Source
This commit is contained in:
Torsten Schulz (local)
2025-09-24 09:18:08 +02:00
parent 23ba880286
commit 36e5b05e39
2 changed files with 49 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
config/email.js
View File

@@ -12,19 +12,6 @@ const smtpConfig = {
};
// Debug-Logging der SMTP-Konfiguration
console.log('=== SMTP CONFIGURATION DEBUG ===');
console.log('Host:', smtpConfig.host);
console.log('Port:', smtpConfig.port);
console.log('Secure:', smtpConfig.secure);
console.log('User:', smtpConfig.auth.user);
console.log('Pass:', smtpConfig.auth.pass.replace(/./g, '*')); // Passwort maskieren
console.log('Environment Variables:');
console.log(' SMTP_HOST:', process.env.SMTP_HOST || 'undefined');
console.log(' SMTP_PORT:', process.env.SMTP_PORT || 'undefined');
console.log(' SMTP_USER:', process.env.SMTP_USER || 'undefined');
console.log(' SMTP_PASS:', process.env.SMTP_PASS ? '***' : 'undefined');
console.log('================================');
const transporter = nodemailer.createTransport(smtpConfig);
// E-Mail-Template für Passwort-Reset