Added resend, fixed CSRF

2025-02-21 16:16:24 +01:00
parent dbddf12f25
commit de828d4c13
10 changed files with 86 additions and 76 deletions
--- a/.env.template
+++ b/.env.template
@@ -18,7 +18,5 @@ SERVER_NAME=${SERVER_NAME:-localhost}
 CORS_AllowOrigin=${CORS_AllowOrigin:-*}

 SMTP_DOMAIN=${SMTP_DOMAIN:-smtp.gmail.com}
-SMTP_PORT=${SMTP_PORT:-587}
-SMTP_EMAIL=${SMTP_EMAIL}
-SMTP_APP_PASSWORD=${SMTP_APP_PASSWORD}
 YOUTUBE_API_KEY=${YOUTUBE_API_KEY}
+RESEND_APIKEY=${RESEND_APIKEY}
--- a/backend/api/contact.go
+++ b/backend/api/contact.go
@@ -5,10 +5,9 @@ import (
 	"fmt"
 	"net/http"
 	"os"
-	"strconv"

 	"fr.latosa-escrima/core"
-	"gopkg.in/gomail.v2"
+	"github.com/resend/resend-go/v2"
 )

 type ContactForm struct {
@@ -31,29 +30,29 @@ func HandleContact(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	fmt.Println("Received form", form)
-	fmt.Println("ENV:", os.Environ())
-
-	m := gomail.NewMessage()
-	m.SetHeader("From", os.Getenv("SMTP_EMAIL"))
-	// m.SetHeader("Reply-To", form.EMail)
-	m.SetHeader("To", os.Getenv("SMTP_EMAIL"))
-	m.SetHeader("Subject", form.Subject)
-	m.SetBody("text/plain", fmt.Sprintf("%s %s vous a envoyé un email:\n\n%s", form.Firstname, form.Lastname, form.Message))
-	port, err := strconv.Atoi(os.Getenv("SMTP_PORT"))
-	if err != nil {
-		port = 587
+	apiKey := os.Getenv("RESEND_APIKEY")
+	sendTo := os.Getenv("SMTP_EMAIL")
+	client := resend.NewClient(apiKey)
+	params := &resend.SendEmailRequest{
+		From:    "onboarding@resend.dev",
+		To:      []string{sendTo},
+		Subject: form.Subject,
+		Html: fmt.Sprintf("<h1><strong>%s %s</strong> (%s) vous a envoyé un mail.</h1></br></br>%s",
+			form.Firstname, form.Lastname, form.EMail, form.Message),
+		ReplyTo: form.EMail,
 	}
-	d := gomail.NewDialer(os.Getenv("SMTP_DOMAIN"), port, os.Getenv("SMTP_EMAIL"), os.Getenv("SMTP_APP_PASSWORD"))

-	if err = d.DialAndSend(); err != nil {
+	sent, err := client.Emails.Send(params)
+	if err != nil {
 		core.JSONError{
 			Status:  core.Error,
 			Message: err.Error(),
-		}.Respond(w, http.StatusInternalServerError)
+		}.Respond(w, http.StatusBadRequest)
 		return
 	}

+	fmt.Println(*sent)
+
 	core.JSONSuccess{
 		Status:  core.Success,
 		Message: "Email sent.",
--- a/backend/api/middlewares.go
+++ b/backend/api/middlewares.go
@@ -13,6 +13,13 @@ import (
 	"fr.latosa-escrima/utils"
 	"github.com/golang-jwt/jwt/v5"
 	"github.com/google/uuid"
+	"github.com/gorilla/csrf"
+)
+
+var CSRFMiddleware core.Middleware = csrf.Protect(
+	core.CSRF_KEY,
+	csrf.Secure(os.Getenv("ENVIRONMENT") != "DEV"),
+	csrf.HttpOnly(true),
 )

 func CORS(next http.Handler) http.Handler {
--- a/backend/api/users_routes.go
+++ b/backend/api/users_routes.go
@@ -8,7 +8,7 @@ import (
 var UserRoutes = map[string]core.Handler{
 	"/users/login": {
 		Handler:     users.HandleLogin,
-		Middlewares: []core.Middleware{Methods("POST")}},
+		Middlewares: []core.Middleware{Methods("POST"), CSRFMiddleware}},
 	// Could add users:own:get permission there, but don't think it's
 	// necessary
 	"/users/me": {
--- a/backend/go.mod
+++ b/backend/go.mod
@@ -7,6 +7,7 @@ require (
 	github.com/google/uuid v1.6.0
 	github.com/joho/godotenv v1.5.1
 	github.com/lib/pq v1.10.9
+	github.com/resend/resend-go/v2 v2.15.0
 	github.com/uptrace/bun v1.2.8
 	github.com/uptrace/bun/dialect/pgdialect v1.2.8
 	github.com/uptrace/bun/driver/pgdriver v1.2.8
@@ -22,7 +23,6 @@ require (
 require (
 	github.com/gorilla/csrf v1.7.2 // direct
 	github.com/gorilla/securecookie v1.1.2 // indirect
-	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 )

 require (
@@ -39,6 +39,5 @@ require (
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
 	golang.org/x/crypto v0.31.0 // indirect
 	golang.org/x/sys v0.29.0 // indirect
-	gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df
 	mellium.im/sasl v0.3.2 // indirect
 )
--- a/backend/go.sum
+++ b/backend/go.sum
@@ -26,8 +26,10 @@ github.com/gorilla/csrf v1.7.2 h1:oTUjx0vyf2T+wkrx09Trsev1TE+/EbDAeHtSTbtC2eI=
 github.com/gorilla/csrf v1.7.2/go.mod h1:F1Fj3KG23WYHE6gozCmBAezKookxbIvUJT+121wTuLk=
 github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
 github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
+github.com/jackc/chunkreader v1.0.0 h1:4s39bBR8ByfqH+DKm8rQA3E1LHZWB9XWcrz8fqaZbe0=
 github.com/jackc/chunkreader v1.0.0/go.mod h1:RT6O25fNZIuasFJRyZ4R/Y2BbhasbmZXF9QQ7T3kePo=
 github.com/jackc/chunkreader/v2 v2.0.0/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk=
+github.com/jackc/chunkreader/v2 v2.0.1 h1:i+RDz65UE+mmpjTfyz0MoVTnzeYxroil2G82ki7MGG8=
 github.com/jackc/chunkreader/v2 v2.0.1/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk=
 github.com/jackc/pgconn v0.0.0-20190420214824-7e0022ef6ba3/go.mod h1:jkELnwuX+w9qN5YIfX0fl88Ehu4XC3keFuOJJk9pcnA=
 github.com/jackc/pgconn v0.0.0-20190824142844-760dd75542eb/go.mod h1:lLjNuW/+OfW9/pnVKPazfWOgNfH2aPem8YQ7ilXGvJE=
@@ -35,13 +37,16 @@ github.com/jackc/pgconn v0.0.0-20190831204454-2fabfa3c18b7/go.mod h1:ZJKsE/KZfsU
 github.com/jackc/pgconn v1.8.0/go.mod h1:1C2Pb36bGIP9QHGBYCjnyhqu7Rv3sGshaQUvmfGIB/o=
 github.com/jackc/pgconn v1.9.0/go.mod h1:YctiPyvzfU11JFxoXokUOOKQXQmDMoJL9vJzHH8/2JY=
 github.com/jackc/pgconn v1.9.1-0.20210724152538-d89c8390a530/go.mod h1:4z2w8XhRbP1hYxkpTuBjTS3ne3J48K83+u0zoyvg2pI=
+github.com/jackc/pgconn v1.14.3 h1:bVoTr12EGANZz66nZPkMInAV/KHD2TxH9npjXXgiB3w=
 github.com/jackc/pgconn v1.14.3/go.mod h1:RZbme4uasqzybK2RK5c65VsHxoyaml09lx3tXOcO/VM=
 github.com/jackc/pgio v1.0.0 h1:g12B9UwVnzGhueNavwioyEEpAmqMe1E/BN9ES+8ovkE=
 github.com/jackc/pgio v1.0.0/go.mod h1:oP+2QK2wFfUWgr+gxjoBH9KGBb31Eio69xUb0w5bYf8=
 github.com/jackc/pgmock v0.0.0-20190831213851-13a1b77aafa2/go.mod h1:fGZlG77KXmcq05nJLRkk0+p82V8B8Dw8KN2/V9c/OAE=
 github.com/jackc/pgmock v0.0.0-20201204152224-4fe30f7445fd/go.mod h1:hrBW0Enj2AZTNpt/7Y5rr2xe/9Mn757Wtb2xeBzPv2c=
 github.com/jackc/pgmock v0.0.0-20210724152146-4ad1a8207f65/go.mod h1:5R2h2EEX+qri8jOWMbJCtaPWkrrNc7OHwsp2TCqp7ak=
+github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
 github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
+github.com/jackc/pgproto3 v1.1.0 h1:FYYE4yRw+AgI8wXIinMlNjBbp/UitDJwfj5LqqewP1A=
 github.com/jackc/pgproto3 v1.1.0/go.mod h1:eR5FA3leWg7p9aeAqi37XOTgTIbkABlvcPB3E5rlc78=
 github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190420180111-c116219b62db/go.mod h1:bhq50y+xrl9n5mRYyCBFKkpRVTLYJVWeCc+mEAI3yXA=
 github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190609003834-432c2951c711/go.mod h1:uH0AWtUmuShn0bcesswc4aBTWGvw0cAxIJp+6OB//Wg=
@@ -49,8 +54,10 @@ github.com/jackc/pgproto3/v2 v2.0.0-rc3/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvW
 github.com/jackc/pgproto3/v2 v2.0.0-rc3.0.20190831210041-4c03ce451f29/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM=
 github.com/jackc/pgproto3/v2 v2.0.6/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
 github.com/jackc/pgproto3/v2 v2.1.1/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
+github.com/jackc/pgproto3/v2 v2.3.3 h1:1HLSx5H+tXR9pW3in3zaztoEwQYRC9SQaYUHjTSUOag=
 github.com/jackc/pgproto3/v2 v2.3.3/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
 github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b/go.mod h1:vsD4gTJCa9TptPL8sPkXrLZ+hDuNrZCnj29CQpr4X1E=
+github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a h1:bbPeKD0xmW/Y25WS6cokEszi5g+S0QxI/d45PkRi7Nk=
 github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
 github.com/jackc/pgtype v0.0.0-20190421001408-4ed0de4755e0/go.mod h1:hdSHsc1V01CGwFsrv11mJRHWJ6aifDLfdV3aVjFF0zg=
 github.com/jackc/pgtype v0.0.0-20190824184912-ab885b375b90/go.mod h1:KcahbBH1nCMSo2DXpzsoWOAfFkdEtEJpPbVLq8eE+mc=
@@ -63,6 +70,7 @@ github.com/jackc/pgx/v4 v4.0.0-20190420224344-cc3461e65d96/go.mod h1:mdxmSJJuR08
 github.com/jackc/pgx/v4 v4.0.0-20190421002000-1b8f0016e912/go.mod h1:no/Y67Jkk/9WuGR0JG/JseM9irFbnEPbuWV2EELPNuM=
 github.com/jackc/pgx/v4 v4.0.0-pre1.0.20190824185557-6972a5742186/go.mod h1:X+GQnOEnf1dqHGpw7JmHqHc1NxDoalibchSk9/RWuDc=
 github.com/jackc/pgx/v4 v4.12.1-0.20210724153913-640aa07df17c/go.mod h1:1QD0+tgSXP7iUjYm9C1NxKhny7lq6ee99u/z+IHFcgs=
+github.com/jackc/pgx/v4 v4.18.2 h1:xVpYkNR5pk5bMCZGfClbO962UIqVABcAGt7ha1s/FeU=
 github.com/jackc/pgx/v4 v4.18.2/go.mod h1:Ey4Oru5tH5sB6tV7hDmfWFahwF15Eb7DNXlRKx2CkVw=
 github.com/jackc/puddle v0.0.0-20190413234325-e4ced69a3a2b/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
 github.com/jackc/puddle v0.0.0-20190608224051-11cab39313c9/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
@@ -100,6 +108,8 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/puzpuzpuz/xsync/v3 v3.4.0 h1:DuVBAdXuGFHv8adVXjWWZ63pJq+NRXOWVXlKDBZ+mJ4=
 github.com/puzpuzpuz/xsync/v3 v3.4.0/go.mod h1:VjzYrABPabuM4KyBh1Ftq6u8nhwY5tBPKP9jpmh0nnA=
+github.com/resend/resend-go/v2 v2.15.0 h1:B6oMEPf8IEQwn2Ovx/9yymkESLDSeNfLFaNMw+mzHhE=
+github.com/resend/resend-go/v2 v2.15.0/go.mod h1:3YCb8c8+pLiqhtRFXTyFwlLvfjQtluxOr9HEh2BwCkQ=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ=
 github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU=
@@ -123,8 +133,9 @@ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
+github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/tmthrgd/go-hex v0.0.0-20190904060850-447a3041c3bc h1:9lRDQMhESg+zvGYmW5DyG0UqvY96Bu5QYsTLvCHdrgo=
 github.com/tmthrgd/go-hex v0.0.0-20190904060850-447a3041c3bc/go.mod h1:bciPuU6GHm1iF1pBvUfxfsH0Wmnc2VbpgvbI9ZWuIRs=
 github.com/uptrace/bun v1.2.8 h1:HEiLvy9wc7ehU5S02+O6NdV5BLz48lL4REPhTkMX3Dg=
@@ -223,6 +234,8 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
+golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
 golang.org/x/tools v0.0.0-20190425163242-31fd60d6bfdc/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
@@ -239,13 +252,9 @@ golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8T
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc h1:2gGKlE2+asNV9m7xrywl36YYNnBG5ZQ0r/BOOxqPpmk=
-gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc/go.mod h1:m7x9LTH6d71AHyAX77c9yqWCCa3UKHcVEj9y7hAtKDk=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
-gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df h1:n7WqCuqOuCbNr617RXOY0AWRXxgwEyPp2z+p0+hgMuE=
-gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df/go.mod h1:LRQQ+SO6ZHR7tOkpBDuZnXENFzX8qRjMDMyPD6BRkCw=
 gopkg.in/inconshreveable/log15.v2 v2.0.0-20180818164646-67afb5ed74ec/go.mod h1:aPpfJ7XW+gOuirDoZ8gHhLh3kZ1B08FtV2bbmy7Jv3s=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
--- a/backend/main.go
+++ b/backend/main.go
@@ -14,7 +14,6 @@ import (
 	"fr.latosa-escrima/api"
 	"fr.latosa-escrima/core"
 	"fr.latosa-escrima/utils"
-	"github.com/gorilla/csrf"
 )

 var CORS_AllowOrigin string
@@ -56,12 +55,6 @@ func main() {

 	defer core.DB.Close()

-	CSRFMiddleware := csrf.Protect(
-		core.CSRF_KEY,
-		csrf.Secure(environ != "DEV"),
-		csrf.HttpOnly(true),
-	)
-
 	mux := http.NewServeMux()

 	baseRoutes := map[string]core.Handler{
@@ -73,11 +66,11 @@ func main() {
 			}},
 		"/contact": {
 			Handler:     api.HandleContact,
-			Middlewares: []core.Middleware{api.Methods("POST"), CSRFMiddleware},
+			Middlewares: []core.Middleware{api.Methods("POST"), api.CSRFMiddleware},
 		},
 		"/csrf-token": {
 			Handler:     api.HandleCSRF,
-			Middlewares: []core.Middleware{api.Methods("GET"), CSRFMiddleware},
+			Middlewares: []core.Middleware{api.Methods("GET"), api.CSRFMiddleware},
 		},
 	}
 	routes := utils.MergeMaps(
--- a/frontend/components/contact.tsx
+++ b/frontend/components/contact.tsx
@@ -3,9 +3,10 @@ import { Button } from "@/components/ui/button";
 import { Input } from "@/components/ui/input";
 import { Label } from "@/components/ui/label";
 import { Textarea } from "@/components/ui/textarea";
-import { API_URL } from "@/lib/constants";
-import { ApiResponse } from "@/types/types";
-import { useEffect, useState } from "react";
+import useApiMutation from "@/hooks/use-api";
+import { useToast } from "@/hooks/use-toast";
+import { Loader2 } from "lucide-react";
+import { useState } from "react";

 interface FormData {
 	firstname: string;
@@ -16,6 +17,7 @@ interface FormData {
 }

 const Contact = () => {
+	const { toast } = useToast();
 	const [formData, setFormData] = useState<FormData>({
 		firstname: "",
 		lastname: "",
@@ -24,7 +26,12 @@ const Contact = () => {
 		message: "",
 	});

-	const [csrfToken, setCsrfToken] = useState("");
+	const {
+		trigger: sendEmail,
+		isMutating: isLoading,
+		isSuccess,
+		error,
+	} = useApiMutation<unknown, FormData>(`/contact`, {}, "POST", false, true);

 	const handleChange = (
 		e: React.ChangeEvent<HTMLInputElement | HTMLTextAreaElement>,
@@ -36,34 +43,21 @@ const Contact = () => {
 		});
 	};

-	useEffect(() => {
-		const fetchCsrfToken = async () => {
-			try {
-				const response = await fetch(`${API_URL}/csrf-token`, {
-					credentials: "include",
-				});
-				const data: ApiResponse<{ csrf: string }> =
-					await response.json();
-				if (data.data) setCsrfToken(data.data.csrf);
-			} catch (e: any) {
-				console.log(e);
-			}
-		};
-
-		fetchCsrfToken();
-	}, []);
-
 	const handleSubmit = async (e: React.FormEvent<HTMLFormElement>) => {
 		e.preventDefault();
-		const res = await fetch(`${API_URL}/contact`, {
-			headers: {
-				"Content-Type": "application/json",
-				"X-CSRF-Token": csrfToken,
-			},
-			method: "POST",
-			body: JSON.stringify(formData),
-			credentials: "include",
-		});
+		const res = await sendEmail(formData);
+		if (res?.status === "Success") {
+			toast({
+				title: "Mail envoyé.",
+				description:
+					"On reviendra vers vous le plus rapidement possible.",
+			});
+		} else {
+			toast({
+				title: "Échec de l'envoie du mail.",
+				description: res?.message,
+			});
+		}
 	};

 	return (
@@ -165,8 +159,25 @@ const Contact = () => {
 								required
 							/>
 						</div>
-						<Button type="submit" className="w-full">
-							Envoyer
+						<Button
+							disabled={
+								isLoading || isSuccess || error !== undefined
+							}
+							type="submit"
+							className={`w-full transition-all ease-in-out ${isSuccess ? "bg-green-800" : error ? "bg-red-800" : ""}`}
+						>
+							{isSuccess ? (
+								<>Message envoyé</>
+							) : error ? (
+								<>Échec de l'envoie du mail.</>
+							) : (
+								<>
+									{isLoading && (
+										<Loader2 className="animate-spin" />
+									)}
+									Envoyer
+								</>
+							)}
 						</Button>
 					</form>
 				</div>
--- a/frontend/lib/request.ts
+++ b/frontend/lib/request.ts
@@ -20,7 +20,7 @@ export default async function request<T>(

 	if (options.csrfToken) {
 		const res: ApiResponse<{ csrf: string }> = await (
-			await fetch(`${API_URL}/csrf-token`)
+			await fetch(`${API_URL}/csrf-token`, { credentials: "include" })
 		).json();
 		if (res.data) headers["X-CSRF-Token"] = res.data.csrf;
 	}
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +0,0 @@
-{
-	"name": "latosa-escrima.fr",
-	"lockfileVersion": 3,
-	"requires": true,
-	"packages": {}
-}