@growth-labs/mailer 0.2.1 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (27) hide show
  1. package/README.md +5 -1
  2. package/dist/options.d.ts +58 -0
  3. package/dist/options.d.ts.map +1 -1
  4. package/dist/options.js +22 -0
  5. package/dist/options.js.map +1 -1
  6. package/dist/routes/webhook.d.ts.map +1 -1
  7. package/dist/routes/webhook.js +24 -1
  8. package/dist/routes/webhook.js.map +1 -1
  9. package/dist/utils/analytics.d.ts +1 -1
  10. package/dist/utils/analytics.d.ts.map +1 -1
  11. package/dist/utils/analytics.js +1 -0
  12. package/dist/utils/analytics.js.map +1 -1
  13. package/dist/utils/index.d.ts +1 -0
  14. package/dist/utils/index.d.ts.map +1 -1
  15. package/dist/utils/index.js +1 -0
  16. package/dist/utils/index.js.map +1 -1
  17. package/dist/utils/webhook-signature.d.ts +6 -0
  18. package/dist/utils/webhook-signature.d.ts.map +1 -0
  19. package/dist/utils/webhook-signature.js +59 -0
  20. package/dist/utils/webhook-signature.js.map +1 -0
  21. package/package.json +1 -1
  22. package/src/options.ts +22 -0
  23. package/src/routes/webhook.ts +25 -1
  24. package/src/utils/analytics.ts +2 -0
  25. package/src/utils/index.ts +1 -0
  26. package/src/utils/webhook-signature.ts +91 -0
  27. package/src/virtual.d.ts +14 -0
package/README.md CHANGED
@@ -39,6 +39,10 @@ mailer({
39
39
  },
40
40
  analyticsEnabled: true, // Emit email events to @growth-labs/analytics
41
41
  analyticsBinding: 'ANALYTICS', // WAE binding used when analytics is enabled
42
+ webhookSignature: {
43
+ enabled: true,
44
+ secret: import.meta.env.MAILER_WEBHOOK_SECRET,
45
+ },
42
46
  })
43
47
  ```
44
48
 
@@ -49,7 +53,7 @@ mailer({
49
53
  - `GET /api/newsletter/confirm?token=...` — Double opt-in confirmation
50
54
  - `GET /api/newsletter/unsubscribe?token=...` — One-click unsubscribe
51
55
  - `GET/POST /email/preferences?token=...` — Preference center page
52
- - `POST /api/email/webhook` — ESP webhook receiver (delivery, bounce, complaint)
56
+ - `POST /api/email/webhook` — ESP webhook receiver (delivery, bounce, complaint), optional HMAC signature verification
53
57
  - `GET /api/email/open/:trackingId` — Open tracking pixel
54
58
  - `GET /api/email/click/:trackingId` — Click tracking redirect
55
59
 
package/dist/options.d.ts CHANGED
@@ -15,6 +15,40 @@ export declare const mailerOptionsSchema: z.ZodObject<{
15
15
  unsubscribePath: z.ZodDefault<z.ZodString>;
16
16
  preferencesPath: z.ZodDefault<z.ZodString>;
17
17
  webhookPath: z.ZodDefault<z.ZodString>;
18
+ webhookSignature: z.ZodDefault<z.ZodDiscriminatedUnion<"enabled", [z.ZodObject<{
19
+ enabled: z.ZodLiteral<false>;
20
+ header: z.ZodDefault<z.ZodString>;
21
+ timestampHeader: z.ZodDefault<z.ZodString>;
22
+ toleranceSeconds: z.ZodDefault<z.ZodNumber>;
23
+ }, "strip", z.ZodTypeAny, {
24
+ enabled: false;
25
+ header: string;
26
+ timestampHeader: string;
27
+ toleranceSeconds: number;
28
+ }, {
29
+ enabled: false;
30
+ header?: string | undefined;
31
+ timestampHeader?: string | undefined;
32
+ toleranceSeconds?: number | undefined;
33
+ }>, z.ZodObject<{
34
+ enabled: z.ZodLiteral<true>;
35
+ secret: z.ZodString;
36
+ header: z.ZodDefault<z.ZodString>;
37
+ timestampHeader: z.ZodDefault<z.ZodString>;
38
+ toleranceSeconds: z.ZodDefault<z.ZodNumber>;
39
+ }, "strip", z.ZodTypeAny, {
40
+ enabled: true;
41
+ header: string;
42
+ timestampHeader: string;
43
+ toleranceSeconds: number;
44
+ secret: string;
45
+ }, {
46
+ enabled: true;
47
+ secret: string;
48
+ header?: string | undefined;
49
+ timestampHeader?: string | undefined;
50
+ toleranceSeconds?: number | undefined;
51
+ }>]>>;
18
52
  trackOpenPath: z.ZodDefault<z.ZodString>;
19
53
  trackClickPath: z.ZodDefault<z.ZodString>;
20
54
  siteUrl: z.ZodString;
@@ -51,6 +85,18 @@ export declare const mailerOptionsSchema: z.ZodObject<{
51
85
  unsubscribePath: string;
52
86
  preferencesPath: string;
53
87
  webhookPath: string;
88
+ webhookSignature: {
89
+ enabled: false;
90
+ header: string;
91
+ timestampHeader: string;
92
+ toleranceSeconds: number;
93
+ } | {
94
+ enabled: true;
95
+ header: string;
96
+ timestampHeader: string;
97
+ toleranceSeconds: number;
98
+ secret: string;
99
+ };
54
100
  trackOpenPath: string;
55
101
  trackClickPath: string;
56
102
  siteUrl: string;
@@ -82,6 +128,18 @@ export declare const mailerOptionsSchema: z.ZodObject<{
82
128
  unsubscribePath?: string | undefined;
83
129
  preferencesPath?: string | undefined;
84
130
  webhookPath?: string | undefined;
131
+ webhookSignature?: {
132
+ enabled: false;
133
+ header?: string | undefined;
134
+ timestampHeader?: string | undefined;
135
+ toleranceSeconds?: number | undefined;
136
+ } | {
137
+ enabled: true;
138
+ secret: string;
139
+ header?: string | undefined;
140
+ timestampHeader?: string | undefined;
141
+ toleranceSeconds?: number | undefined;
142
+ } | undefined;
85
143
  trackOpenPath?: string | undefined;
86
144
  trackClickPath?: string | undefined;
87
145
  brand?: {
package/dist/options.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"options.d.ts","sourceRoot":"","sources":["../src/options.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAmD9B,CAAA;AAEF,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAA;AAC/D,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,mBAAmB,CAAC,CAAA"}
1
+ {"version":3,"file":"options.d.ts","sourceRoot":"","sources":["../src/options.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAyE9B,CAAA;AAEF,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAA;AAC/D,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,mBAAmB,CAAC,CAAA"}
package/dist/options.js CHANGED
@@ -22,6 +22,28 @@ export const mailerOptionsSchema = z.object({
22
22
  unsubscribePath: z.string().default('/api/newsletter/unsubscribe'),
23
23
  preferencesPath: z.string().default('/email/preferences'),
24
24
  webhookPath: z.string().default('/api/email/webhook'),
25
+ webhookSignature: z
26
+ .discriminatedUnion('enabled', [
27
+ z.object({
28
+ enabled: z.literal(false),
29
+ header: z.string().default('x-gl-mailer-signature'),
30
+ timestampHeader: z.string().default('x-gl-mailer-timestamp'),
31
+ toleranceSeconds: z.number().min(0).default(300),
32
+ }),
33
+ z.object({
34
+ enabled: z.literal(true),
35
+ secret: z.string().min(32),
36
+ header: z.string().default('x-gl-mailer-signature'),
37
+ timestampHeader: z.string().default('x-gl-mailer-timestamp'),
38
+ toleranceSeconds: z.number().min(0).default(300),
39
+ }),
40
+ ])
41
+ .default({
42
+ enabled: false,
43
+ header: 'x-gl-mailer-signature',
44
+ timestampHeader: 'x-gl-mailer-timestamp',
45
+ toleranceSeconds: 300,
46
+ }),
25
47
  // ─── Tracking ───
26
48
  trackOpenPath: z.string().default('/api/email/open'),
27
49
  trackClickPath: z.string().default('/api/email/click'),
package/dist/options.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"options.js","sourceRoot":"","sources":["../src/options.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3C,mBAAmB;IACnB,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE;IACtB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE;IAE/B,mBAAmB;IACnB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE;IAEtC,8BAA8B;IAC9B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC;IACxC,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,aAAa,CAAC;IAE/C,qCAAqC;IACrC,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE;IAC5B,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE;IAE9B,+BAA+B;IAC/B,WAAW,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IACtC,MAAM,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAEtC,wBAAwB;IACxB,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE;IAEzB,iBAAiB;IACjB,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,2BAA2B,CAAC;IAC9D,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,yBAAyB,CAAC;IAC1D,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,6BAA6B,CAAC;IAClE,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,oBAAoB,CAAC;IACzD,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,oBAAoB,CAAC;IAErD,mBAAmB;IACnB,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,iBAAiB,CAAC;IACpD,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,kBAAkB,CAAC;IACtD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IAEzB,4CAA4C;IAC5C,KAAK,EAAE,CAAC;SACN,MAAM,CAAC;QACP,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;QACpC,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC;QAC3C,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC;QAC1C,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KACjC,CAAC;SACD,OAAO,CAAC,EAAE,CAAC;IAEb,yBAAyB;IACzB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC;IAElD,mCAAmC;IACnC,gBAAgB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IAC5C,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,WAAW,CAAC;CACjD,CAAC,CAAA"}
1
+ {"version":3,"file":"options.js","sourceRoot":"","sources":["../src/options.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3C,mBAAmB;IACnB,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE;IACtB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE;IAE/B,mBAAmB;IACnB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE;IAEtC,8BAA8B;IAC9B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC;IACxC,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,aAAa,CAAC;IAE/C,qCAAqC;IACrC,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE;IAC5B,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE;IAE9B,+BAA+B;IAC/B,WAAW,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IACtC,MAAM,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAEtC,wBAAwB;IACxB,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE;IAEzB,iBAAiB;IACjB,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,2BAA2B,CAAC;IAC9D,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,yBAAyB,CAAC;IAC1D,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,6BAA6B,CAAC;IAClE,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,oBAAoB,CAAC;IACzD,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,oBAAoB,CAAC;IACrD,gBAAgB,EAAE,CAAC;SACjB,kBAAkB,CAAC,SAAS,EAAE;QAC9B,CAAC,CAAC,MAAM,CAAC;YACR,OAAO,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;YACzB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,uBAAuB,CAAC;YACnD,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,uBAAuB,CAAC;YAC5D,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC;SAChD,CAAC;QACF,CAAC,CAAC,MAAM,CAAC;YACR,OAAO,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC;YACxB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,uBAAuB,CAAC;YACnD,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,uBAAuB,CAAC;YAC5D,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC;SAChD,CAAC;KACF,CAAC;SACD,OAAO,CAAC;QACR,OAAO,EAAE,KAAK;QACd,MAAM,EAAE,uBAAuB;QAC/B,eAAe,EAAE,uBAAuB;QACxC,gBAAgB,EAAE,GAAG;KACrB,CAAC;IAEH,mBAAmB;IACnB,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,iBAAiB,CAAC;IACpD,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,kBAAkB,CAAC;IACtD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IAEzB,4CAA4C;IAC5C,KAAK,EAAE,CAAC;SACN,MAAM,CAAC;QACP,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;QACpC,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC;QAC3C,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC;QAC1C,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KACjC,CAAC;SACD,OAAO,CAAC,EAAE,CAAC;IAEb,yBAAyB;IACzB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC;IAElD,mCAAmC;IACnC,gBAAgB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IAC5C,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,WAAW,CAAC;CACjD,CAAC,CAAA"}
package/dist/routes/webhook.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"webhook.d.ts","sourceRoot":"","sources":["../../src/routes/webhook.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAA;AAarC,eAAO,MAAM,IAAI,EAAE,QAyClB,CAAA"}
1
+ {"version":3,"file":"webhook.d.ts","sourceRoot":"","sources":["../../src/routes/webhook.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAA;AAcrC,eAAO,MAAM,IAAI,EAAE,QAgElB,CAAA"}
package/dist/routes/webhook.js CHANGED
@@ -3,9 +3,21 @@ import { config } from 'virtual:growth-labs/mailer/config';
3
3
  import { drizzle } from 'drizzle-orm/d1';
4
4
  import { emitMailerAnalyticsEvent } from '../utils/analytics.js';
5
5
  import { handleBounce, handleComplaint, handleDelivery } from '../utils/bounce.js';
6
+ import { verifyWebhookSignature } from '../utils/webhook-signature.js';
6
7
  export const POST = async (context) => {
7
8
  const { request } = context;
8
- const body = (await request.json());
9
+ const rawBody = await request.text();
10
+ const signatureValid = await verifyWebhookSignature(config.webhookSignature, request, rawBody);
11
+ if (!signatureValid) {
12
+ return Response.json({ error: 'Invalid webhook signature' }, { status: 401 });
13
+ }
14
+ let body;
15
+ try {
16
+ body = JSON.parse(rawBody);
17
+ }
18
+ catch {
19
+ return Response.json({ error: 'Invalid payload' }, { status: 400 });
20
+ }
9
21
  if (!body.type || !body.email) {
10
22
  return Response.json({ error: 'Invalid payload' }, { status: 400 });
11
23
  }
@@ -15,6 +27,17 @@ export const POST = async (context) => {
15
27
  return Response.json({ error: 'D1 binding not available' }, { status: 500 });
16
28
  }
17
29
  const db = drizzle(d1);
30
+ emitMailerAnalyticsEvent(config, bindingsEnv, 'newsletter_webhook_received', {
31
+ request,
32
+ context,
33
+ contentSlug: body.trackingId ?? body.email,
34
+ label: {
35
+ type: body.type,
36
+ email: body.email,
37
+ trackingId: body.trackingId,
38
+ bounceType: body.bounceType,
39
+ },
40
+ });
18
41
  switch (body.type) {
19
42
  case 'delivery':
20
43
  if (body.trackingId) {
package/dist/routes/webhook.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"webhook.js","sourceRoot":"","sources":["../../src/routes/webhook.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,IAAI,aAAa,EAAE,MAAM,oBAAoB,CAAA;AACzD,OAAO,EAAE,MAAM,EAAE,MAAM,mCAAmC,CAAA;AAE1D,OAAO,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAA;AACxC,OAAO,EAAE,wBAAwB,EAA6B,MAAM,uBAAuB,CAAA;AAC3F,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAA;AAUlF,MAAM,CAAC,MAAM,IAAI,GAAa,KAAK,EAAE,OAAO,EAAE,EAAE;IAC/C,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAC3B,MAAM,IAAI,GAAG,CAAC,MAAM,OAAO,CAAC,IAAI,EAAE,CAAmB,CAAA;IAErD,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;QAC/B,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;IACpE,CAAC;IAED,MAAM,WAAW,GAAG,aAAwC,CAAA;IAC5D,MAAM,EAAE,GAAG,WAAW,CAAC,MAAM,CAAC,SAAS,CAAe,CAAA;IACtD,IAAI,CAAC,EAAE,EAAE,CAAC;QACT,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,0BAA0B,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;IAC7E,CAAC;IACD,MAAM,EAAE,GAAG,OAAO,CAAC,EAAE,CAAC,CAAA;IAEtB,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC;QACnB,KAAK,UAAU;YACd,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACrB,MAAM,cAAc,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,CAAC,CAAA;YAC1C,CAAC;YACD,MAAK;QACN,KAAK,QAAQ;YACZ,MAAM,YAAY,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,UAAU,IAAI,MAAM,CAAC,CAAA;YAC7D,MAAK;QACN,KAAK,WAAW;YACf,MAAM,eAAe,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,CAAC,CAAA;YACrC,MAAK;IACP,CAAC;IAED,wBAAwB,CAAC,MAAM,EAAE,WAAW,EAAE,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QAC7E,OAAO;QACP,OAAO;QACP,WAAW,EAAE,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,KAAK;QAC1C,KAAK,EAAE;YACN,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;SAC3B;KACD,CAAC,CAAA;IAEF,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;AACnC,CAAC,CAAA;AAED,SAAS,mBAAmB,CAAC,IAA4B;IACxD,QAAQ,IAAI,EAAE,CAAC;QACd,KAAK,UAAU;YACd,OAAO,sBAAsB,CAAA;QAC9B,KAAK,QAAQ;YACZ,OAAO,oBAAoB,CAAA;QAC5B,KAAK,WAAW;YACf,OAAO,uBAAuB,CAAA;IAChC,CAAC;AACF,CAAC"}
1
+ {"version":3,"file":"webhook.js","sourceRoot":"","sources":["../../src/routes/webhook.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,IAAI,aAAa,EAAE,MAAM,oBAAoB,CAAA;AACzD,OAAO,EAAE,MAAM,EAAE,MAAM,mCAAmC,CAAA;AAE1D,OAAO,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAA;AACxC,OAAO,EAAE,wBAAwB,EAA6B,MAAM,uBAAuB,CAAA;AAC3F,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAA;AAClF,OAAO,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAA;AAUtE,MAAM,CAAC,MAAM,IAAI,GAAa,KAAK,EAAE,OAAO,EAAE,EAAE;IAC/C,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAC3B,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAA;IACpC,MAAM,cAAc,GAAG,MAAM,sBAAsB,CAAC,MAAM,CAAC,gBAAgB,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;IAC9F,IAAI,CAAC,cAAc,EAAE,CAAC;QACrB,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,2BAA2B,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;IAC9E,CAAC;IAED,IAAI,IAAoB,CAAA;IACxB,IAAI,CAAC;QACJ,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAmB,CAAA;IAC7C,CAAC;IAAC,MAAM,CAAC;QACR,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;IACpE,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;QAC/B,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;IACpE,CAAC;IAED,MAAM,WAAW,GAAG,aAAwC,CAAA;IAC5D,MAAM,EAAE,GAAG,WAAW,CAAC,MAAM,CAAC,SAAS,CAAe,CAAA;IACtD,IAAI,CAAC,EAAE,EAAE,CAAC;QACT,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,0BAA0B,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;IAC7E,CAAC;IACD,MAAM,EAAE,GAAG,OAAO,CAAC,EAAE,CAAC,CAAA;IAEtB,wBAAwB,CAAC,MAAM,EAAE,WAAW,EAAE,6BAA6B,EAAE;QAC5E,OAAO;QACP,OAAO;QACP,WAAW,EAAE,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,KAAK;QAC1C,KAAK,EAAE;YACN,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;SAC3B;KACD,CAAC,CAAA;IAEF,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC;QACnB,KAAK,UAAU;YACd,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACrB,MAAM,cAAc,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,CAAC,CAAA;YAC1C,CAAC;YACD,MAAK;QACN,KAAK,QAAQ;YACZ,MAAM,YAAY,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,UAAU,IAAI,MAAM,CAAC,CAAA;YAC7D,MAAK;QACN,KAAK,WAAW;YACf,MAAM,eAAe,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,CAAC,CAAA;YACrC,MAAK;IACP,CAAC;IAED,wBAAwB,CAAC,MAAM,EAAE,WAAW,EAAE,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QAC7E,OAAO;QACP,OAAO;QACP,WAAW,EAAE,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,KAAK;QAC1C,KAAK,EAAE;YACN,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;SAC3B;KACD,CAAC,CAAA;IAEF,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;AACnC,CAAC,CAAA;AAED,SAAS,mBAAmB,CAAC,IAA4B;IACxD,QAAQ,IAAI,EAAE,CAAC;QACd,KAAK,UAAU;YACd,OAAO,sBAAsB,CAAA;QAC9B,KAAK,QAAQ;YACZ,OAAO,oBAAoB,CAAA;QAC5B,KAAK,WAAW;YACf,OAAO,uBAAuB,CAAA;IAChC,CAAC;AACF,CAAC"}
package/dist/utils/analytics.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  import type { ResolvedMailerOptions } from '../options.js';
2
- export type MailerAnalyticsEvent = 'newsletter_subscribed' | 'newsletter_confirmed' | 'newsletter_unsubscribed' | 'newsletter_opened' | 'newsletter_clicked' | 'newsletter_delivered' | 'newsletter_bounced' | 'newsletter_complained' | 'newsletter_sent' | 'newsletter_send_failed';
2
+ export type MailerAnalyticsEvent = 'newsletter_subscribed' | 'newsletter_confirmed' | 'newsletter_unsubscribed' | 'newsletter_opened' | 'newsletter_clicked' | 'newsletter_webhook_received' | 'newsletter_delivered' | 'newsletter_bounced' | 'newsletter_complained' | 'newsletter_sent' | 'newsletter_send_failed';
3
3
  interface AnalyticsContext {
4
4
  locals?: {
5
5
  cfContext?: {
package/dist/utils/analytics.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"analytics.d.ts","sourceRoot":"","sources":["../../src/utils/analytics.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAA;AAE1D,MAAM,MAAM,oBAAoB,GAC7B,uBAAuB,GACvB,sBAAsB,GACtB,yBAAyB,GACzB,mBAAmB,GACnB,oBAAoB,GACpB,sBAAsB,GACtB,oBAAoB,GACpB,uBAAuB,GACvB,iBAAiB,GACjB,wBAAwB,CAAA;AAM3B,UAAU,gBAAgB;IACzB,MAAM,CAAC,EAAE;QACR,SAAS,CAAC,EAAE;YACX,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,GAAG,IAAI,CAAA;SAC1C,CAAA;KACD,CAAA;CACD;AAED,UAAU,0BAA0B;IACnC,OAAO,CAAC,EAAE,OAAO,CAAA;IACjB,OAAO,CAAC,EAAE,gBAAgB,CAAA;IAC1B,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC/B,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,UAAU,CAAC,EAAE,MAAM,CAAA;CACnB;AAED,wBAAgB,wBAAwB,CACvC,OAAO,EAAE,qBAAqB,EAC9B,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACpC,SAAS,EAAE,oBAAoB,EAC/B,WAAW,GAAE,0BAA+B,GAC1C,OAAO,CAeT;AAED,wBAAgB,6BAA6B,CAC5C,OAAO,EAAE,qBAAqB,EAC9B,SAAS,EAAE,oBAAoB,EAC/B,WAAW,GAAE,0BAA+B,GAC1C;IAAE,KAAK,EAAE,MAAM,EAAE,CAAC;IAAC,OAAO,EAAE,MAAM,EAAE,CAAC;IAAC,OAAO,EAAE,MAAM,EAAE,CAAA;CAAE,CA+B3D"}
1
+ {"version":3,"file":"analytics.d.ts","sourceRoot":"","sources":["../../src/utils/analytics.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAA;AAE1D,MAAM,MAAM,oBAAoB,GAC7B,uBAAuB,GACvB,sBAAsB,GACtB,yBAAyB,GACzB,mBAAmB,GACnB,oBAAoB,GACpB,6BAA6B,GAC7B,sBAAsB,GACtB,oBAAoB,GACpB,uBAAuB,GACvB,iBAAiB,GACjB,wBAAwB,CAAA;AAM3B,UAAU,gBAAgB;IACzB,MAAM,CAAC,EAAE;QACR,SAAS,CAAC,EAAE;YACX,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,GAAG,IAAI,CAAA;SAC1C,CAAA;KACD,CAAA;CACD;AAED,UAAU,0BAA0B;IACnC,OAAO,CAAC,EAAE,OAAO,CAAA;IACjB,OAAO,CAAC,EAAE,gBAAgB,CAAA;IAC1B,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC/B,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,UAAU,CAAC,EAAE,MAAM,CAAA;CACnB;AAED,wBAAgB,wBAAwB,CACvC,OAAO,EAAE,qBAAqB,EAC9B,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACpC,SAAS,EAAE,oBAAoB,EAC/B,WAAW,GAAE,0BAA+B,GAC1C,OAAO,CAeT;AAED,wBAAgB,6BAA6B,CAC5C,OAAO,EAAE,qBAAqB,EAC9B,SAAS,EAAE,oBAAoB,EAC/B,WAAW,GAAE,0BAA+B,GAC1C;IAAE,KAAK,EAAE,MAAM,EAAE,CAAC;IAAC,OAAO,EAAE,MAAM,EAAE,CAAC;IAAC,OAAO,EAAE,MAAM,EAAE,CAAA;CAAE,CA+B3D"}
package/dist/utils/analytics.js CHANGED
@@ -62,6 +62,7 @@ function categoryForMailerEvent(eventName) {
62
62
  case 'newsletter_opened':
63
63
  case 'newsletter_clicked':
64
64
  return 'interaction';
65
+ case 'newsletter_webhook_received':
65
66
  case 'newsletter_delivered':
66
67
  case 'newsletter_bounced':
67
68
  case 'newsletter_complained':
package/dist/utils/analytics.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"analytics.js","sourceRoot":"","sources":["../../src/utils/analytics.ts"],"names":[],"mappings":"AAkCA,MAAM,UAAU,wBAAwB,CACvC,OAA8B,EAC9B,WAAoC,EACpC,SAA+B,EAC/B,cAA0C,EAAE;IAE5C,IAAI,CAAC,OAAO,CAAC,gBAAgB;QAAE,OAAO,KAAK,CAAA;IAE3C,MAAM,gBAAgB,GAAG,WAAW,CAAC,OAAO,CAAC,gBAAgB,CAAiC,CAAA;IAC9F,IAAI,CAAC,gBAAgB,EAAE,cAAc;QAAE,OAAO,KAAK,CAAA;IAEnD,MAAM,SAAS,GAAG,6BAA6B,CAAC,OAAO,EAAE,SAAS,EAAE,WAAW,CAAC,CAAA;IAChF,MAAM,KAAK,GAAG,gBAAgB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAA;IACxD,MAAM,SAAS,GAAG,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,CAAA;IACnE,IAAI,SAAS,EAAE,CAAC;QACf,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;IACxC,CAAC;SAAM,CAAC;QACP,KAAK,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAA;IAClC,CAAC;IACD,OAAO,IAAI,CAAA;AACZ,CAAC;AAED,MAAM,UAAU,6BAA6B,CAC5C,OAA8B,EAC9B,SAA+B,EAC/B,cAA0C,EAAE;IAE5C,MAAM,GAAG,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAC7F,MAAM,MAAM,GAAG,aAAa,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAC7C,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;IAExE,OAAO;QACN,KAAK,EAAE;YACN,SAAS;YACT,MAAM;YACN,EAAE;YACF,EAAE;YACF,GAAG,CAAC,QAAQ,EAAE;YACd,GAAG,CAAC,QAAQ;YACZ,WAAW,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE;YACjD,EAAE;YACF,EAAE;YACF,EAAE;YACF,EAAE;YACF,WAAW,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE;YACtD,EAAE;YACF,EAAE;YACF,EAAE;YACF,WAAW,CAAC,WAAW,IAAI,EAAE;YAC7B,YAAY;YACZ,sBAAsB,CAAC,SAAS,CAAC;YACjC,KAAK;YACL,OAAO;SACP;QACD,OAAO,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,WAAW,CAAC,UAAU,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAChF,OAAO,EAAE,CAAC,SAAS,CAAC;KACpB,CAAA;AACF,CAAC;AAED,SAAS,aAAa,CAAC,OAAe;IACrC,IAAI,CAAC;QACJ,OAAO,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAA;IACvD,CAAC;IAAC,MAAM,CAAC;QACR,OAAO,OAAO,CAAA;IACf,CAAC;AACF,CAAC;AAED,SAAS,sBAAsB,CAAC,SAA+B;IAC9D,QAAQ,SAAS,EAAE,CAAC;QACnB,KAAK,uBAAuB,CAAC;QAC7B,KAAK,sBAAsB;YAC1B,OAAO,YAAY,CAAA;QACpB,KAAK,mBAAmB,CAAC;QACzB,KAAK,oBAAoB;YACxB,OAAO,aAAa,CAAA;QACrB,KAAK,sBAAsB,CAAC;QAC5B,KAAK,oBAAoB,CAAC;QAC1B,KAAK,uBAAuB,CAAC;QAC7B,KAAK,iBAAiB,CAAC;QACvB,KAAK,wBAAwB,CAAC;QAC9B,KAAK,yBAAyB;YAC7B,OAAO,YAAY,CAAA;IACrB,CAAC;AACF,CAAC"}
1
+ {"version":3,"file":"analytics.js","sourceRoot":"","sources":["../../src/utils/analytics.ts"],"names":[],"mappings":"AAmCA,MAAM,UAAU,wBAAwB,CACvC,OAA8B,EAC9B,WAAoC,EACpC,SAA+B,EAC/B,cAA0C,EAAE;IAE5C,IAAI,CAAC,OAAO,CAAC,gBAAgB;QAAE,OAAO,KAAK,CAAA;IAE3C,MAAM,gBAAgB,GAAG,WAAW,CAAC,OAAO,CAAC,gBAAgB,CAAiC,CAAA;IAC9F,IAAI,CAAC,gBAAgB,EAAE,cAAc;QAAE,OAAO,KAAK,CAAA;IAEnD,MAAM,SAAS,GAAG,6BAA6B,CAAC,OAAO,EAAE,SAAS,EAAE,WAAW,CAAC,CAAA;IAChF,MAAM,KAAK,GAAG,gBAAgB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAA;IACxD,MAAM,SAAS,GAAG,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,CAAA;IACnE,IAAI,SAAS,EAAE,CAAC;QACf,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;IACxC,CAAC;SAAM,CAAC;QACP,KAAK,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAA;IAClC,CAAC;IACD,OAAO,IAAI,CAAA;AACZ,CAAC;AAED,MAAM,UAAU,6BAA6B,CAC5C,OAA8B,EAC9B,SAA+B,EAC/B,cAA0C,EAAE;IAE5C,MAAM,GAAG,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAC7F,MAAM,MAAM,GAAG,aAAa,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAC7C,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;IAExE,OAAO;QACN,KAAK,EAAE;YACN,SAAS;YACT,MAAM;YACN,EAAE;YACF,EAAE;YACF,GAAG,CAAC,QAAQ,EAAE;YACd,GAAG,CAAC,QAAQ;YACZ,WAAW,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE;YACjD,EAAE;YACF,EAAE;YACF,EAAE;YACF,EAAE;YACF,WAAW,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE;YACtD,EAAE;YACF,EAAE;YACF,EAAE;YACF,WAAW,CAAC,WAAW,IAAI,EAAE;YAC7B,YAAY;YACZ,sBAAsB,CAAC,SAAS,CAAC;YACjC,KAAK;YACL,OAAO;SACP;QACD,OAAO,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,WAAW,CAAC,UAAU,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAChF,OAAO,EAAE,CAAC,SAAS,CAAC;KACpB,CAAA;AACF,CAAC;AAED,SAAS,aAAa,CAAC,OAAe;IACrC,IAAI,CAAC;QACJ,OAAO,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAA;IACvD,CAAC;IAAC,MAAM,CAAC;QACR,OAAO,OAAO,CAAA;IACf,CAAC;AACF,CAAC;AAED,SAAS,sBAAsB,CAAC,SAA+B;IAC9D,QAAQ,SAAS,EAAE,CAAC;QACnB,KAAK,uBAAuB,CAAC;QAC7B,KAAK,sBAAsB;YAC1B,OAAO,YAAY,CAAA;QACpB,KAAK,mBAAmB,CAAC;QACzB,KAAK,oBAAoB;YACxB,OAAO,aAAa,CAAA;QACrB,KAAK,6BAA6B,CAAC;QACnC,KAAK,sBAAsB,CAAC;QAC5B,KAAK,oBAAoB,CAAC;QAC1B,KAAK,uBAAuB,CAAC;QAC7B,KAAK,iBAAiB,CAAC;QACvB,KAAK,wBAAwB,CAAC;QAC9B,KAAK,yBAAyB;YAC7B,OAAO,YAAY,CAAA;IACrB,CAAC;AACF,CAAC"}
package/dist/utils/index.d.ts CHANGED
@@ -10,4 +10,5 @@ export { confirmSubscriber, countSubscribers, createSubscriber, getSubscriberBat
10
10
  export { inlineStyles, interpolate, processConditionals, renderDigestItems, renderEmail, } from './templates.js';
11
11
  export { generateToken, verifyToken } from './tokens.js';
12
12
  export { injectTrackingPixel, rewriteLinksForTracking, TRANSPARENT_GIF, } from './tracking.js';
13
+ export { signWebhookPayload, verifyWebhookSignature } from './webhook-signature.js';
13
14
  //# sourceMappingURL=index.d.ts.map
package/dist/utils/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACN,6BAA6B,EAC7B,wBAAwB,EACxB,KAAK,oBAAoB,GACzB,MAAM,gBAAgB,CAAA;AACvB,OAAO,EACN,YAAY,EACZ,eAAe,EACf,cAAc,EACd,gBAAgB,GAChB,MAAM,aAAa,CAAA;AACpB,YAAY,EAAE,qBAAqB,EAAE,MAAM,gBAAgB,CAAA;AAC3D,OAAO,EAAE,uBAAuB,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAA;AAC5E,YAAY,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAA;AACvE,OAAO,EACN,uBAAuB,EACvB,qBAAqB,EACrB,eAAe,EACf,aAAa,EACb,kBAAkB,GAClB,MAAM,iBAAiB,CAAA;AACxB,YAAY,EAAE,SAAS,EAAE,MAAM,WAAW,CAAA;AAC1C,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAA;AACvE,OAAO,EACN,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,EAChB,kBAAkB,EAClB,oBAAoB,EACpB,iBAAiB,EACjB,qBAAqB,EACrB,iBAAiB,GACjB,MAAM,kBAAkB,CAAA;AACzB,OAAO,EACN,YAAY,EACZ,WAAW,EACX,mBAAmB,EACnB,iBAAiB,EACjB,WAAW,GACX,MAAM,gBAAgB,CAAA;AACvB,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AACxD,OAAO,EACN,mBAAmB,EACnB,uBAAuB,EACvB,eAAe,GACf,MAAM,eAAe,CAAA"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACN,6BAA6B,EAC7B,wBAAwB,EACxB,KAAK,oBAAoB,GACzB,MAAM,gBAAgB,CAAA;AACvB,OAAO,EACN,YAAY,EACZ,eAAe,EACf,cAAc,EACd,gBAAgB,GAChB,MAAM,aAAa,CAAA;AACpB,YAAY,EAAE,qBAAqB,EAAE,MAAM,gBAAgB,CAAA;AAC3D,OAAO,EAAE,uBAAuB,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAA;AAC5E,YAAY,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAA;AACvE,OAAO,EACN,uBAAuB,EACvB,qBAAqB,EACrB,eAAe,EACf,aAAa,EACb,kBAAkB,GAClB,MAAM,iBAAiB,CAAA;AACxB,YAAY,EAAE,SAAS,EAAE,MAAM,WAAW,CAAA;AAC1C,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAA;AACvE,OAAO,EACN,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,EAChB,kBAAkB,EAClB,oBAAoB,EACpB,iBAAiB,EACjB,qBAAqB,EACrB,iBAAiB,GACjB,MAAM,kBAAkB,CAAA;AACzB,OAAO,EACN,YAAY,EACZ,WAAW,EACX,mBAAmB,EACnB,iBAAiB,EACjB,WAAW,GACX,MAAM,gBAAgB,CAAA;AACvB,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AACxD,OAAO,EACN,mBAAmB,EACnB,uBAAuB,EACvB,eAAe,GACf,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,kBAAkB,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAA"}
package/dist/utils/index.js CHANGED
@@ -7,4 +7,5 @@ export { confirmSubscriber, countSubscribers, createSubscriber, getSubscriberBat
7
7
  export { inlineStyles, interpolate, processConditionals, renderDigestItems, renderEmail, } from './templates.js';
8
8
  export { generateToken, verifyToken } from './tokens.js';
9
9
  export { injectTrackingPixel, rewriteLinksForTracking, TRANSPARENT_GIF, } from './tracking.js';
10
+ export { signWebhookPayload, verifyWebhookSignature } from './webhook-signature.js';
10
11
  //# sourceMappingURL=index.js.map
package/dist/utils/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACN,6BAA6B,EAC7B,wBAAwB,GAExB,MAAM,gBAAgB,CAAA;AACvB,OAAO,EACN,YAAY,EACZ,eAAe,EACf,cAAc,EACd,gBAAgB,GAChB,MAAM,aAAa,CAAA;AAEpB,OAAO,EAAE,uBAAuB,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAA;AAE5E,OAAO,EACN,uBAAuB,EACvB,qBAAqB,EACrB,eAAe,EACf,aAAa,EACb,kBAAkB,GAClB,MAAM,iBAAiB,CAAA;AAExB,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAA;AACvE,OAAO,EACN,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,EAChB,kBAAkB,EAClB,oBAAoB,EACpB,iBAAiB,EACjB,qBAAqB,EACrB,iBAAiB,GACjB,MAAM,kBAAkB,CAAA;AACzB,OAAO,EACN,YAAY,EACZ,WAAW,EACX,mBAAmB,EACnB,iBAAiB,EACjB,WAAW,GACX,MAAM,gBAAgB,CAAA;AACvB,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AACxD,OAAO,EACN,mBAAmB,EACnB,uBAAuB,EACvB,eAAe,GACf,MAAM,eAAe,CAAA"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACN,6BAA6B,EAC7B,wBAAwB,GAExB,MAAM,gBAAgB,CAAA;AACvB,OAAO,EACN,YAAY,EACZ,eAAe,EACf,cAAc,EACd,gBAAgB,GAChB,MAAM,aAAa,CAAA;AAEpB,OAAO,EAAE,uBAAuB,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAA;AAE5E,OAAO,EACN,uBAAuB,EACvB,qBAAqB,EACrB,eAAe,EACf,aAAa,EACb,kBAAkB,GAClB,MAAM,iBAAiB,CAAA;AAExB,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAA;AACvE,OAAO,EACN,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,EAChB,kBAAkB,EAClB,oBAAoB,EACpB,iBAAiB,EACjB,qBAAqB,EACrB,iBAAiB,GACjB,MAAM,kBAAkB,CAAA;AACzB,OAAO,EACN,YAAY,EACZ,WAAW,EACX,mBAAmB,EACnB,iBAAiB,EACjB,WAAW,GACX,MAAM,gBAAgB,CAAA;AACvB,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AACxD,OAAO,EACN,mBAAmB,EACnB,uBAAuB,EACvB,eAAe,GACf,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,kBAAkB,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAA"}
package/dist/utils/webhook-signature.d.ts ADDED
@@ -0,0 +1,6 @@
1
+ import type { ResolvedMailerOptions } from '../options.js';
2
+ type WebhookSignatureOptions = ResolvedMailerOptions['webhookSignature'];
3
+ export declare function verifyWebhookSignature(options: WebhookSignatureOptions, request: Request, body: string, nowMs?: number): Promise<boolean>;
4
+ export declare function signWebhookPayload(secret: string, timestamp: string, body: string): Promise<string>;
5
+ export {};
6
+ //# sourceMappingURL=webhook-signature.d.ts.map
package/dist/utils/webhook-signature.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"webhook-signature.d.ts","sourceRoot":"","sources":["../../src/utils/webhook-signature.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAA;AAE1D,KAAK,uBAAuB,GAAG,qBAAqB,CAAC,kBAAkB,CAAC,CAAA;AAExE,wBAAsB,sBAAsB,CAC3C,OAAO,EAAE,uBAAuB,EAChC,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,MAAM,EACZ,KAAK,GAAE,MAAmB,GACxB,OAAO,CAAC,OAAO,CAAC,CAoBlB;AAED,wBAAsB,kBAAkB,CACvC,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,EACjB,IAAI,EAAE,MAAM,GACV,OAAO,CAAC,MAAM,CAAC,CAQjB"}
package/dist/utils/webhook-signature.js ADDED
@@ -0,0 +1,59 @@
1
+ export async function verifyWebhookSignature(options, request, body, nowMs = Date.now()) {
2
+ if (!options.enabled)
3
+ return true;
4
+ const timestamp = request.headers.get(options.timestampHeader);
5
+ const signatureHeader = request.headers.get(options.header);
6
+ if (!timestamp || !signatureHeader)
7
+ return false;
8
+ if (!timestampWithinTolerance(timestamp, options.toleranceSeconds, nowMs))
9
+ return false;
10
+ const signature = signatureFromHeader(signatureHeader);
11
+ if (!signature)
12
+ return false;
13
+ const key = await importWebhookKey(options.secret);
14
+ const signedBody = `${timestamp}.${body}`;
15
+ return crypto.subtle.verify('HMAC', key, fromBase64Url(signature), new TextEncoder().encode(signedBody));
16
+ }
17
+ export async function signWebhookPayload(secret, timestamp, body) {
18
+ const key = await importWebhookKey(secret);
19
+ const signature = await crypto.subtle.sign('HMAC', key, new TextEncoder().encode(`${timestamp}.${body}`));
20
+ return toBase64Url(signature);
21
+ }
22
+ function timestampWithinTolerance(timestamp, toleranceSeconds, nowMs) {
23
+ if (toleranceSeconds === 0)
24
+ return true;
25
+ const parsed = Number(timestamp);
26
+ if (!Number.isFinite(parsed))
27
+ return false;
28
+ const timestampMs = parsed > 1_000_000_000_000 ? parsed : parsed * 1000;
29
+ return Math.abs(nowMs - timestampMs) <= toleranceSeconds * 1000;
30
+ }
31
+ function signatureFromHeader(header) {
32
+ const parts = header.split(',').map((part) => part.trim());
33
+ for (const part of parts) {
34
+ if (part.startsWith('v1='))
35
+ return part.slice(3);
36
+ }
37
+ return parts[0] || null;
38
+ }
39
+ async function importWebhookKey(secret) {
40
+ return crypto.subtle.importKey('raw', new TextEncoder().encode(secret), { name: 'HMAC', hash: 'SHA-256' }, false, ['sign', 'verify']);
41
+ }
42
+ function fromBase64Url(value) {
43
+ const padded = value
44
+ .replace(/-/g, '+')
45
+ .replace(/_/g, '/')
46
+ .padEnd(Math.ceil(value.length / 4) * 4, '=');
47
+ const binary = atob(padded);
48
+ const bytes = new Uint8Array(new ArrayBuffer(binary.length));
49
+ for (let i = 0; i < binary.length; i++)
50
+ bytes[i] = binary.charCodeAt(i);
51
+ return bytes;
52
+ }
53
+ function toBase64Url(bytes) {
54
+ let binary = '';
55
+ for (const byte of new Uint8Array(bytes))
56
+ binary += String.fromCharCode(byte);
57
+ return btoa(binary).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
58
+ }
59
+ //# sourceMappingURL=webhook-signature.js.map
package/dist/utils/webhook-signature.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"webhook-signature.js","sourceRoot":"","sources":["../../src/utils/webhook-signature.ts"],"names":[],"mappings":"AAIA,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC3C,OAAgC,EAChC,OAAgB,EAChB,IAAY,EACZ,QAAgB,IAAI,CAAC,GAAG,EAAE;IAE1B,IAAI,CAAC,OAAO,CAAC,OAAO;QAAE,OAAO,IAAI,CAAA;IAEjC,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,CAAA;IAC9D,MAAM,eAAe,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;IAC3D,IAAI,CAAC,SAAS,IAAI,CAAC,eAAe;QAAE,OAAO,KAAK,CAAA;IAEhD,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,OAAO,CAAC,gBAAgB,EAAE,KAAK,CAAC;QAAE,OAAO,KAAK,CAAA;IAEvF,MAAM,SAAS,GAAG,mBAAmB,CAAC,eAAe,CAAC,CAAA;IACtD,IAAI,CAAC,SAAS;QAAE,OAAO,KAAK,CAAA;IAE5B,MAAM,GAAG,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;IAClD,MAAM,UAAU,GAAG,GAAG,SAAS,IAAI,IAAI,EAAE,CAAA;IACzC,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,CAC1B,MAAM,EACN,GAAG,EACH,aAAa,CAAC,SAAS,CAAC,EACxB,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CACpC,CAAA;AACF,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACvC,MAAc,EACd,SAAiB,EACjB,IAAY;IAEZ,MAAM,GAAG,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,CAAA;IAC1C,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CACzC,MAAM,EACN,GAAG,EACH,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,SAAS,IAAI,IAAI,EAAE,CAAC,CAChD,CAAA;IACD,OAAO,WAAW,CAAC,SAAS,CAAC,CAAA;AAC9B,CAAC;AAED,SAAS,wBAAwB,CAChC,SAAiB,EACjB,gBAAwB,EACxB,KAAa;IAEb,IAAI,gBAAgB,KAAK,CAAC;QAAE,OAAO,IAAI,CAAA;IACvC,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,CAAA;IAChC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;QAAE,OAAO,KAAK,CAAA;IAC1C,MAAM,WAAW,GAAG,MAAM,GAAG,iBAAiB,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,GAAG,IAAI,CAAA;IACvE,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,GAAG,WAAW,CAAC,IAAI,gBAAgB,GAAG,IAAI,CAAA;AAChE,CAAC;AAED,SAAS,mBAAmB,CAAC,MAAc;IAC1C,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAA;IAC1D,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QAC1B,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IACjD,CAAC;IACD,OAAO,KAAK,CAAC,CAAC,CAAC,IAAI,IAAI,CAAA;AACxB,CAAC;AAED,KAAK,UAAU,gBAAgB,CAAC,MAAc;IAC7C,OAAO,MAAM,CAAC,MAAM,CAAC,SAAS,CAC7B,KAAK,EACL,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,EAChC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,EACjC,KAAK,EACL,CAAC,MAAM,EAAE,QAAQ,CAAC,CAClB,CAAA;AACF,CAAC;AAED,SAAS,aAAa,CAAC,KAAa;IACnC,MAAM,MAAM,GAAG,KAAK;SAClB,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC;SAClB,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC;SAClB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAA;IAC9C,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAA;IAC3B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,IAAI,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAA;IAC5D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;IACvE,OAAO,KAAK,CAAA;AACb,CAAC;AAED,SAAS,WAAW,CAAC,KAAkB;IACtC,IAAI,MAAM,GAAG,EAAE,CAAA;IACf,KAAK,MAAM,IAAI,IAAI,IAAI,UAAU,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAA;IAC7E,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;AAC/E,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@growth-labs/mailer",
3
- "version": "0.2.1",
3
+ "version": "0.2.2",
4
4
  "type": "module",
5
5
  "types": "./dist/index.d.ts",
6
6
  "exports": {
package/src/options.ts CHANGED
@@ -29,6 +29,28 @@ export const mailerOptionsSchema = z.object({
29
29
  unsubscribePath: z.string().default('/api/newsletter/unsubscribe'),
30
30
  preferencesPath: z.string().default('/email/preferences'),
31
31
  webhookPath: z.string().default('/api/email/webhook'),
32
+ webhookSignature: z
33
+ .discriminatedUnion('enabled', [
34
+ z.object({
35
+ enabled: z.literal(false),
36
+ header: z.string().default('x-gl-mailer-signature'),
37
+ timestampHeader: z.string().default('x-gl-mailer-timestamp'),
38
+ toleranceSeconds: z.number().min(0).default(300),
39
+ }),
40
+ z.object({
41
+ enabled: z.literal(true),
42
+ secret: z.string().min(32),
43
+ header: z.string().default('x-gl-mailer-signature'),
44
+ timestampHeader: z.string().default('x-gl-mailer-timestamp'),
45
+ toleranceSeconds: z.number().min(0).default(300),
46
+ }),
47
+ ])
48
+ .default({
49
+ enabled: false,
50
+ header: 'x-gl-mailer-signature',
51
+ timestampHeader: 'x-gl-mailer-timestamp',
52
+ toleranceSeconds: 300,
53
+ }),
32
54
 
33
55
  // ─── Tracking ───
34
56
  trackOpenPath: z.string().default('/api/email/open'),
package/src/routes/webhook.ts CHANGED
@@ -4,6 +4,7 @@ import type { APIRoute } from 'astro'
4
4
  import { drizzle } from 'drizzle-orm/d1'
5
5
  import { emitMailerAnalyticsEvent, type MailerAnalyticsEvent } from '../utils/analytics.js'
6
6
  import { handleBounce, handleComplaint, handleDelivery } from '../utils/bounce.js'
7
+ import { verifyWebhookSignature } from '../utils/webhook-signature.js'
7
8
 
8
9
  interface WebhookPayload {
9
10
  type: 'bounce' | 'complaint' | 'delivery'
@@ -15,7 +16,18 @@ interface WebhookPayload {
15
16
 
16
17
  export const POST: APIRoute = async (context) => {
17
18
  const { request } = context
18
- const body = (await request.json()) as WebhookPayload
19
+ const rawBody = await request.text()
20
+ const signatureValid = await verifyWebhookSignature(config.webhookSignature, request, rawBody)
21
+ if (!signatureValid) {
22
+ return Response.json({ error: 'Invalid webhook signature' }, { status: 401 })
23
+ }
24
+
25
+ let body: WebhookPayload
26
+ try {
27
+ body = JSON.parse(rawBody) as WebhookPayload
28
+ } catch {
29
+ return Response.json({ error: 'Invalid payload' }, { status: 400 })
30
+ }
19
31
 
20
32
  if (!body.type || !body.email) {
21
33
  return Response.json({ error: 'Invalid payload' }, { status: 400 })
@@ -28,6 +40,18 @@ export const POST: APIRoute = async (context) => {
28
40
  }
29
41
  const db = drizzle(d1)
30
42
 
43
+ emitMailerAnalyticsEvent(config, bindingsEnv, 'newsletter_webhook_received', {
44
+ request,
45
+ context,
46
+ contentSlug: body.trackingId ?? body.email,
47
+ label: {
48
+ type: body.type,
49
+ email: body.email,
50
+ trackingId: body.trackingId,
51
+ bounceType: body.bounceType,
52
+ },
53
+ })
54
+
31
55
  switch (body.type) {
32
56
  case 'delivery':
33
57
  if (body.trackingId) {
package/src/utils/analytics.ts CHANGED
@@ -6,6 +6,7 @@ export type MailerAnalyticsEvent =
6
6
  | 'newsletter_unsubscribed'
7
7
  | 'newsletter_opened'
8
8
  | 'newsletter_clicked'
9
+ | 'newsletter_webhook_received'
9
10
  | 'newsletter_delivered'
10
11
  | 'newsletter_bounced'
11
12
  | 'newsletter_complained'
@@ -107,6 +108,7 @@ function categoryForMailerEvent(eventName: MailerAnalyticsEvent): string {
107
108
  case 'newsletter_opened':
108
109
  case 'newsletter_clicked':
109
110
  return 'interaction'
111
+ case 'newsletter_webhook_received':
110
112
  case 'newsletter_delivered':
111
113
  case 'newsletter_bounced':
112
114
  case 'newsletter_complained':
package/src/utils/index.ts CHANGED
@@ -44,3 +44,4 @@ export {
44
44
  rewriteLinksForTracking,
45
45
  TRANSPARENT_GIF,
46
46
  } from './tracking.js'
47
+ export { signWebhookPayload, verifyWebhookSignature } from './webhook-signature.js'
package/src/utils/webhook-signature.ts ADDED
@@ -0,0 +1,91 @@
1
+ import type { ResolvedMailerOptions } from '../options.js'
2
+
3
+ type WebhookSignatureOptions = ResolvedMailerOptions['webhookSignature']
4
+
5
+ export async function verifyWebhookSignature(
6
+ options: WebhookSignatureOptions,
7
+ request: Request,
8
+ body: string,
9
+ nowMs: number = Date.now(),
10
+ ): Promise<boolean> {
11
+ if (!options.enabled) return true
12
+
13
+ const timestamp = request.headers.get(options.timestampHeader)
14
+ const signatureHeader = request.headers.get(options.header)
15
+ if (!timestamp || !signatureHeader) return false
16
+
17
+ if (!timestampWithinTolerance(timestamp, options.toleranceSeconds, nowMs)) return false
18
+
19
+ const signature = signatureFromHeader(signatureHeader)
20
+ if (!signature) return false
21
+
22
+ const key = await importWebhookKey(options.secret)
23
+ const signedBody = `${timestamp}.${body}`
24
+ return crypto.subtle.verify(
25
+ 'HMAC',
26
+ key,
27
+ fromBase64Url(signature),
28
+ new TextEncoder().encode(signedBody),
29
+ )
30
+ }
31
+
32
+ export async function signWebhookPayload(
33
+ secret: string,
34
+ timestamp: string,
35
+ body: string,
36
+ ): Promise<string> {
37
+ const key = await importWebhookKey(secret)
38
+ const signature = await crypto.subtle.sign(
39
+ 'HMAC',
40
+ key,
41
+ new TextEncoder().encode(`${timestamp}.${body}`),
42
+ )
43
+ return toBase64Url(signature)
44
+ }
45
+
46
+ function timestampWithinTolerance(
47
+ timestamp: string,
48
+ toleranceSeconds: number,
49
+ nowMs: number,
50
+ ): boolean {
51
+ if (toleranceSeconds === 0) return true
52
+ const parsed = Number(timestamp)
53
+ if (!Number.isFinite(parsed)) return false
54
+ const timestampMs = parsed > 1_000_000_000_000 ? parsed : parsed * 1000
55
+ return Math.abs(nowMs - timestampMs) <= toleranceSeconds * 1000
56
+ }
57
+
58
+ function signatureFromHeader(header: string): string | null {
59
+ const parts = header.split(',').map((part) => part.trim())
60
+ for (const part of parts) {
61
+ if (part.startsWith('v1=')) return part.slice(3)
62
+ }
63
+ return parts[0] || null
64
+ }
65
+
66
+ async function importWebhookKey(secret: string): Promise<CryptoKey> {
67
+ return crypto.subtle.importKey(
68
+ 'raw',
69
+ new TextEncoder().encode(secret),
70
+ { name: 'HMAC', hash: 'SHA-256' },
71
+ false,
72
+ ['sign', 'verify'],
73
+ )
74
+ }
75
+
76
+ function fromBase64Url(value: string): Uint8Array<ArrayBuffer> {
77
+ const padded = value
78
+ .replace(/-/g, '+')
79
+ .replace(/_/g, '/')
80
+ .padEnd(Math.ceil(value.length / 4) * 4, '=')
81
+ const binary = atob(padded)
82
+ const bytes = new Uint8Array(new ArrayBuffer(binary.length))
83
+ for (let i = 0; i < binary.length; i++) bytes[i] = binary.charCodeAt(i)
84
+ return bytes
85
+ }
86
+
87
+ function toBase64Url(bytes: ArrayBuffer): string {
88
+ let binary = ''
89
+ for (const byte of new Uint8Array(bytes)) binary += String.fromCharCode(byte)
90
+ return btoa(binary).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '')
91
+ }
package/src/virtual.d.ts CHANGED
@@ -15,6 +15,20 @@ declare module 'virtual:growth-labs/mailer/config' {
15
15
  unsubscribePath: string
16
16
  preferencesPath: string
17
17
  webhookPath: string
18
+ webhookSignature:
19
+ | {
20
+ enabled: false
21
+ header: string
22
+ timestampHeader: string
23
+ toleranceSeconds: number
24
+ }
25
+ | {
26
+ enabled: true
27
+ secret: string
28
+ header: string
29
+ timestampHeader: string
30
+ toleranceSeconds: number
31
+ }
18
32
  trackOpenPath: string
19
33
  trackClickPath: string
20
34
  siteUrl: string