From e18a6ec97ec90079479ae63ece954ad77db41008 Mon Sep 17 00:00:00 2001
From: Brunobrno <brunovontor@gmail.com>
Date: Sun, 5 Oct 2025 23:33:05 +0200
Subject: [PATCH] init

---
 backend/.env             |  6 ++++
 backend/app.py           | 74 ++++++++++++++++++++++++++++++++++++++++
 backend/requirements.txt |  3 ++
 frontend/.env            |  0
 4 files changed, 83 insertions(+)
 create mode 100644 backend/.env
 create mode 100644 backend/app.py
 create mode 100644 backend/requirements.txt
 create mode 100644 frontend/.env

diff --git a/backend/.env b/backend/.env
new file mode 100644
index 0000000..883b9a3
--- /dev/null
+++ b/backend/.env
@@ -0,0 +1,6 @@
+RECAPTCHA_SECRET=tvuj_recaptcha_secret
+EMAIL_USER=tvuj_email@gmail.com
+EMAIL_PASSWORD=tvuj_heslo_nebo_app_password
+OWNER_EMAIL=cilem@example.com
+SMTP_SERVER=smtp.gmail.com
+SMTP_PORT=587
diff --git a/backend/app.py b/backend/app.py
new file mode 100644
index 0000000..b6791da
--- /dev/null
+++ b/backend/app.py
@@ -0,0 +1,74 @@
+import os
+from flask import Flask, request, jsonify
+from email.mime.text import MIMEText
+from email.mime.multipart import MIMEMultipart
+import smtplib
+import requests
+from dotenv import load_dotenv
+
+load_dotenv()
+
+app = Flask(__name__)
+
+# Load environment
+RECAPTCHA_SECRET = os.getenv("RECAPTCHA_SECRET")
+EMAIL_USER = os.getenv("EMAIL_USER")
+EMAIL_PASSWORD = os.getenv("EMAIL_PASSWORD")
+OWNER_EMAIL = os.getenv("OWNER_EMAIL")
+SMTP_SERVER = os.getenv("SMTP_SERVER", "smtp.gmail.com")
+SMTP_PORT = int(os.getenv("SMTP_PORT", 587))
+
+def verify_recaptcha(token, remote_ip=None):
+    if not token:
+        return False
+    url = "https://www.google.com/recaptcha/api/siteverify"
+    data = {"secret": RECAPTCHA_SECRET, "response": token}
+    if remote_ip:
+        data["remoteip"] = remote_ip
+    try:
+        r = requests.post(url, data=data, timeout=5)
+        return r.json().get("success", False)
+    except:
+        return False
+
+@app.route("/send-incentive", methods=["POST"])
+def send_incentive():
+    # Získání dat z form
+    name = (request.form.get("name") or "").strip()
+    email = (request.form.get("email") or "").strip()
+    message_body = (request.form.get("message") or "").strip()
+    recaptcha_token = request.form.get("g-recaptcha-response")
+    honeypot = request.form.get("website")  # skryté pole
+
+    # Honeypot kontrola
+    if honeypot:
+        return jsonify({"error": "Spam detected"}), 400
+
+    # reCAPTCHA kontrola
+    if not verify_recaptcha(recaptcha_token, request.remote_addr):
+        return jsonify({"error": "reCAPTCHA failed"}), 400
+
+    # Základní validace
+    if not name or not email or not message_body:
+        return jsonify({"error": "Missing fields"}), 400
+
+    # Vytvoření emailu
+    msg = MIMEMultipart()
+    msg["From"] = EMAIL_USER
+    msg["To"] = OWNER_EMAIL
+    msg["Subject"] = f"Pobídka od {name}"
+    body = f"Od: {name} <{email}>\n\n{message_body}"
+    msg.attach(MIMEText(body, "plain"))
+
+    try:
+        server = smtplib.SMTP(SMTP_SERVER, SMTP_PORT)
+        server.starttls()
+        server.login(EMAIL_USER, EMAIL_PASSWORD)
+        server.sendmail(EMAIL_USER, OWNER_EMAIL, msg.as_string())
+        server.quit()
+        return jsonify({"status": "Email sent"}), 200
+    except Exception as e:
+        return jsonify({"error": str(e)}), 500
+
+if __name__ == "__main__":
+    app.run(debug=True, host="0.0.0.0", port=5000)
diff --git a/backend/requirements.txt b/backend/requirements.txt
new file mode 100644
index 0000000..baf4c63
--- /dev/null
+++ b/backend/requirements.txt
@@ -0,0 +1,3 @@
+Flask
+requests 
+python-dotenv
\ No newline at end of file
diff --git a/frontend/.env b/frontend/.env
new file mode 100644
index 0000000..e69de29