Documentation: services / newsletterService
Purpose:
Manage newsletter subscription/unsubscription by validating, sanitizing, and persisting emails.
Lifecycle Role:
Handles subscription HTTP requests; persists email data asynchronously.
Dependencies:
Upstream:
- emailValidator
Downstream:
- newsletter route handlers/controllers
- user-facing newsletter API controllers
Data Flow:
Inputs:
Raw email string from HTTP request.
Outputs:
Promise resolving on save/remove success or rejecting on errors.
Side Effects:
Asynchronous JSON file read/write for email storage.
Performance and Scalability:
Bottlenecks:
- Serialized writeLock causing Concurrency bottleneck.
- Disk IO latency and potential blocking.
Concurrency:
Write serialization to prevent race conditions.
Security and Stability:
Validation:
Email Validation applied.
Vulnerabilities:
- No rate limiting/throttling.
- Plaintext JSON storage risks data exposure.
- No input sanitation beyond email format.
- Single-file storage is single point of failure.
Architecture Assessment:
Coupling:
Tightly coupled to filesystem persistence.
Abstraction:
No database or caching layer.
Recommendations:
- Migrate persistence to database or key-value store.
- Add rate limiting on endpoints.
- Encrypt stored emails or restrict file access.
- Use write queues or batch processing.
- Add structured logging for audit/debug.