Add full project structure: backend API + frontend

- Move repo to project root to include both public/ and api/ - Add .gitignore excluding node_modules and .env - Include API routes (erase, gmail_oauth), services (mailer), and config Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-07 12:09:54 +02:00 · 2026-04-07 12:09:54 +02:00 · 614d5af397
commit 614d5af397
parent 36b918b95d
20 changed files with 2419 additions and 0 deletions
--- a/api/app.js
+++ b/api/app.js
@ -0,0 +1,48 @@
+'use strict';
+
+require('dotenv').config();
+
+const express    = require('express');
+const helmet     = require('helmet');
+const rateLimit  = require('express-rate-limit');
+
+const eraseRoute = require('./routes/erase');
+const gmailOAuth = require('./routes/gmail_oauth');
+
+const app = express();
+
+app.disable('x-powered-by');
+app.use(helmet());
+app.use(express.json({ limit: '10kb' }));
+
+// Rate limiting general
+app.use(rateLimit({
+  windowMs: 15 * 60 * 1000,
+  max: 100,
+  standardHeaders: true,
+  legacyHeaders: false,
+}));
+
+// Rate limiting específico para envío de emails (más estricto)
+const emailLimit = rateLimit({
+  windowMs: 60 * 60 * 1000, // 1 hora
+  max: 10,
+  message: { error: 'Demasiadas solicitudes de envío. Espera antes de reintentar.' }
+});
+
+// ── Rutas ────────────────────────────────────────────────────────
+app.post('/api/erase',           emailLimit, eraseRoute);
+app.get('/api/gmail/auth',       emailLimit, gmailOAuth.authInit);
+app.get('/api/gmail/callback',              gmailOAuth.authCallback);
+
+// Health check
+app.get('/api/health', (req, res) => res.json({ status: 'ok' }));
+
+// ── Arranque ─────────────────────────────────────────────────────
+const PORT = process.env.PORT || 8787;
+app.listen(PORT, '127.0.0.1', () => {
+  console.log(`RESETEA backend corriendo en 127.0.0.1:${PORT}`);
+  if (!process.env.GOOGLE_CLIENT_ID) {
+    console.warn('⚠  GOOGLE_CLIENT_ID no configurado — OAuth Gmail deshabilitado');
+  }
+});