nonszy-space/src/app/api/contact/route.ts

import { NextRequest, NextResponse } from "next/server";
import { rateLimited } from "@/lib/server-utils";

const validateInput = (data: any) => {
  return (
    typeof data !== "object" ||
    (
      !data.anon &&
      (
        typeof data.name !== "string" ||
        typeof data.email !== "string"
      ) ||
      typeof data.message !== "string"
    ) ||
    !data.anon &&
    (
      !data.name.trim() ||
      !data.email.trim()
    ) ||
    !data.message.trim()
  )
}

export async function POST(req: NextRequest) {
  const agent = req.headers.get("x-forwarded-for") ?? "damn";

  const isRateLimited = await rateLimited(agent);
  
  if (isRateLimited) {
    return NextResponse.json(
      { error: "Too many requests" },
      { status: 429 }
    );
  }

  let data;
  try {
    data = await req.json();
  } catch {
    return NextResponse.json(
      { error: "Invalid input" },
      { status: 400 }
    );
  }

  if (validateInput(data)) {
    return NextResponse.json(
      { error: "Invalid input" },
      { status: 400 }
    );
  }

  return NextResponse.json({ status: "ok" });
}