@technomoron/mail-magic 1.0.8 → 1.0.11

package/src/api/assets.ts

@@ -1,92 +0,0 @@
-import fs from 'fs';
-import path from 'path';
-
-import { ApiError, ApiModule, ApiRoute } from '@technomoron/api-server-base';
-
-import { mailApiServer } from '../server.js';
-import { decodeComponent, sendFileAsync } from '../util.js';
-
-import type { ApiRequest } from '@technomoron/api-server-base';
-
-const DOMAIN_PATTERN = /^[a-z0-9][a-z0-9._-]*$/i;
-const SEGMENT_PATTERN = /^[a-zA-Z0-9._-]+$/;
-
-export class AssetAPI extends ApiModule<mailApiServer> {
-	private async getAsset(apiReq: ApiRequest): Promise<[number, null]> {
-		const domain = decodeComponent(apiReq.req.params.domain);
-		if (!domain || !DOMAIN_PATTERN.test(domain)) {
-			throw new ApiError({ code: 404, message: 'Asset not found' });
-		}
-
-		const rawPath = apiReq.req.params[0] ?? '';
-		const segments = rawPath
-			.split('/')
-			.filter(Boolean)
-			.map((segment: string) => decodeComponent(segment));
-		if (!segments.length || segments.some((segment) => !SEGMENT_PATTERN.test(segment))) {
-			throw new ApiError({ code: 404, message: 'Asset not found' });
-		}
-
-		const assetsRoot = path.join(this.server.storage.configpath, domain, 'assets');
-		if (!fs.existsSync(assetsRoot)) {
-			throw new ApiError({ code: 404, message: 'Asset not found' });
-		}
-		const resolvedRoot = fs.realpathSync(assetsRoot);
-		const normalizedRoot = resolvedRoot.endsWith(path.sep) ? resolvedRoot : resolvedRoot + path.sep;
-		const candidate = path.resolve(assetsRoot, path.join(...segments));
-
-		try {
-			const stats = await fs.promises.stat(candidate);
-			if (!stats.isFile()) {
-				throw new ApiError({ code: 404, message: 'Asset not found' });
-			}
-		} catch {
-			throw new ApiError({ code: 404, message: 'Asset not found' });
-		}
-
-		let realCandidate: string;
-		try {
-			realCandidate = await fs.promises.realpath(candidate);
-		} catch {
-			throw new ApiError({ code: 404, message: 'Asset not found' });
-		}
-		if (!realCandidate.startsWith(normalizedRoot)) {
-			throw new ApiError({ code: 404, message: 'Asset not found' });
-		}
-
-		const { res } = apiReq;
-		const originalStatus = res.status.bind(res);
-		const originalJson = res.json.bind(res);
-		res.status = ((code: number) => (res.headersSent ? res : originalStatus(code))) as typeof res.status;
-		res.json = ((body: unknown) => (res.headersSent ? res : originalJson(body))) as typeof res.json;
-
-		res.type(path.extname(realCandidate));
-		res.set('Cache-Control', 'public, max-age=300');
-
-		try {
-			await sendFileAsync(res, realCandidate);
-		} catch (err) {
-			this.server.storage.print_debug(
-				`Failed to serve asset ${domain}/${segments.join('/')}: ${err instanceof Error ? err.message : String(err)}`
-			);
-			if (!res.headersSent) {
-				throw new ApiError({ code: 500, message: 'Failed to stream asset' });
-			}
-		}
-
-		return [200, null];
-	}
-
-	override defineRoutes(): ApiRoute[] {
-		const route = this.server.storage.env.ASSET_ROUTE;
-		const normalizedRoute = route.startsWith('/') ? route : `/${route}`;
-		return [
-			{
-				method: 'get',
-				path: `${normalizedRoute}/:domain/*`,
-				handler: (apiReq) => this.getAsset(apiReq),
-				auth: { type: 'none', req: 'any' }
-			}
-		];
-	}
-}

package/src/api/forms.ts

@@ -1,237 +0,0 @@
-import path from 'path';
-
-import { ApiRoute, ApiRequest, ApiModule, ApiError } from '@technomoron/api-server-base';
-import emailAddresses, { ParsedMailbox } from 'email-addresses';
-import nunjucks from 'nunjucks';
-
-import { api_domain } from '../models/domain.js';
-import { api_form } from '../models/form.js';
-import { api_user } from '../models/user.js';
-import { mailApiServer } from '../server.js';
-import { buildRequestMeta, normalizeSlug } from '../util.js';
-
-import type { mailApiRequest, UploadedFile } from '../types.js';
-
-export class FormAPI extends ApiModule<mailApiServer> {
-	private validateEmail(email: string): string | undefined {
-		const parsed = emailAddresses.parseOneAddress(email);
-		if (parsed) {
-			return (parsed as ParsedMailbox).address;
-		}
-		return undefined;
-	}
-
-	private async assertDomainAndUser(apireq: mailApiRequest): Promise<void> {
-		const { domain, locale } = apireq.req.body;
-
-		if (!domain) {
-			throw new ApiError({ code: 401, message: 'Missing domain' });
-		}
-		const user = await api_user.findOne({ where: { token: apireq.token } });
-		if (!user) {
-			throw new ApiError({ code: 401, message: `Invalid/Unknown API Key/Token '${apireq.token}'` });
-		}
-		const dbdomain = await api_domain.findOne({ where: { name: domain } });
-		if (!dbdomain) {
-			throw new ApiError({ code: 401, message: `Unable to look up the domain ${domain}` });
-		}
-		if (dbdomain.user_id !== user.user_id) {
-			throw new ApiError({ code: 403, message: `Domain ${domain} is not owned by this user` });
-		}
-		apireq.domain = dbdomain;
-		apireq.locale = locale || 'en';
-		apireq.user = user;
-	}
-
-	private async postFormTemplate(apireq: mailApiRequest): Promise<[number, { Status: string }]> {
-		await this.assertDomainAndUser(apireq);
-
-		const {
-			template,
-			sender = '',
-			recipient = '',
-			idname,
-			subject = '',
-			locale = '',
-			secret = ''
-		} = apireq.req.body;
-
-		if (!template) {
-			throw new ApiError({ code: 400, message: 'Missing template data' });
-		}
-		if (!idname) {
-			throw new ApiError({ code: 400, message: 'Missing form identifier' });
-		}
-		if (!sender) {
-			throw new ApiError({ code: 400, message: 'Missing sender address' });
-		}
-		if (!recipient) {
-			throw new ApiError({ code: 400, message: 'Missing recipient address' });
-		}
-
-		const user = apireq.user!;
-		const domain = apireq.domain!;
-		const resolvedLocale = locale || apireq.locale || '';
-		const userSlug = normalizeSlug(user.idname);
-		const domainSlug = normalizeSlug(domain.name);
-		const formSlug = normalizeSlug(idname);
-		const localeSlug = normalizeSlug(resolvedLocale || domain.locale || user.locale || '');
-		const slug = `${userSlug}-${domainSlug}${localeSlug ? '-' + localeSlug : ''}-${formSlug}`;
-		const filenameParts = [domainSlug, 'form-template'];
-		if (localeSlug) {
-			filenameParts.push(localeSlug);
-		}
-		filenameParts.push(formSlug);
-		let filename = path.join(...filenameParts);
-		if (!filename.endsWith('.njk')) {
-			filename += '.njk';
-		}
-
-		const record = {
-			user_id: user.user_id,
-			domain_id: domain.domain_id,
-			locale: localeSlug,
-			idname,
-			sender,
-			recipient,
-			subject,
-			template,
-			slug,
-			filename,
-			secret,
-			files: []
-		};
-
-		try {
-			const [form, created] = await api_form.upsert(record, {
-				returning: true,
-				conflictFields: ['user_id', 'domain_id', 'locale', 'idname']
-			});
-			this.server.storage.print_debug(`Form template upserted: ${form.idname} (created=${created})`);
-		} catch (error: unknown) {
-			throw new ApiError({
-				code: 500,
-				message: this.server!.guessExceptionText(error, 'Unknown Sequelize Error on upsert form template')
-			});
-		}
-
-		return [200, { Status: 'OK' }];
-	}
-
-	private async postSendForm(apireq: ApiRequest): Promise<[number, Record<string, unknown>]> {
-		const { formid, secret, recipient, vars = {}, replyTo, reply_to } = apireq.req.body;
-
-		if (!formid) {
-			throw new ApiError({ code: 404, message: 'Missing formid field in form' });
-		}
-
-		const form = await api_form.findOne({ where: { idname: formid } });
-		if (!form) {
-			throw new ApiError({ code: 404, message: `No such form: ${formid}` });
-		}
-
-		if (form.secret && !secret) {
-			throw new ApiError({ code: 401, message: 'This form requires a secret key' });
-		}
-		if (form.secret && form.secret !== secret) {
-			throw new ApiError({ code: 401, message: 'Bad form secret' });
-		}
-		if (recipient && !form.secret) {
-			throw new ApiError({ code: 401, message: "'recipient' parameterer requires form secret to be set" });
-		}
-		let normalizedReplyTo: string | undefined;
-		let normalizedRecipient: string | undefined;
-		const replyToValue = (replyTo || reply_to) as string | undefined;
-		if (replyToValue) {
-			normalizedReplyTo = this.validateEmail(replyToValue);
-			if (!normalizedReplyTo) {
-				throw new ApiError({ code: 400, message: 'Invalid reply-to email address' });
-			}
-		}
-		if (recipient) {
-			normalizedRecipient = this.validateEmail(String(recipient));
-			if (!normalizedRecipient) {
-				throw new ApiError({ code: 400, message: 'Invalid recipient email address' });
-			}
-		}
-
-		let parsedVars: unknown = vars ?? {};
-		if (typeof vars === 'string') {
-			try {
-				parsedVars = JSON.parse(vars);
-			} catch {
-				throw new ApiError({ code: 400, message: 'Invalid JSON provided in "vars"' });
-			}
-		}
-		const thevars = parsedVars as Record<string, unknown>;
-
-		/*
-		console.log('Headers:', apireq.req.headers);
-		console.log('Body:', JSON.stringify(apireq.req.body, null, 2));
-		console.log('Files:', JSON.stringify(apireq.req.files, null, 2));
-		*/
-
-		const rawFiles = Array.isArray(apireq.req.files) ? (apireq.req.files as UploadedFile[]) : [];
-		const attachments = rawFiles.map((file) => ({
-			filename: file.originalname,
-			path: file.path
-		}));
-
-		const attachmentMap: Record<string, string> = {};
-		for (const file of rawFiles) {
-			attachmentMap[file.fieldname] = file.originalname;
-		}
-
-		const meta = buildRequestMeta(apireq.req);
-
-		const context = {
-			...thevars,
-			_rcpt_email_: recipient,
-			_attachments_: attachmentMap,
-			_vars_: thevars,
-			_fields_: apireq.req.body,
-			_files_: rawFiles,
-			_meta_: meta
-		};
-
-		nunjucks.configure({ autoescape: true });
-		const html = nunjucks.renderString(form.template, context);
-
-		const mailOptions = {
-			from: form.sender,
-			to: normalizedRecipient || form.recipient,
-			subject: form.subject,
-			html,
-			attachments,
-			...(normalizedReplyTo ? { replyTo: normalizedReplyTo } : {})
-		};
-
-		try {
-			const info = await this.server.storage.transport!.sendMail(mailOptions);
-			this.server.storage.print_debug('Email sent: ' + info.response);
-		} catch (error: unknown) {
-			const errorMessage = error instanceof Error ? error.message : String(error);
-			this.server.storage.print_debug('Error sending email: ' + errorMessage);
-			return [500, { error: `Error sending email: ${errorMessage}` }];
-		}
-
-		return [200, {}];
-	}
-
-	override defineRoutes(): ApiRoute[] {
-		return [
-			{
-				method: 'post',
-				path: '/v1/form/template',
-				handler: (req) => this.postFormTemplate(req as mailApiRequest),
-				auth: { type: 'yes', req: 'any' }
-			},
-			{
-				method: 'post',
-				path: '/v1/form/message',
-				handler: (req) => this.postSendForm(req),
-				auth: { type: 'none', req: 'any' }
-			}
-		];
-	}
-}

package/src/api/mailer.ts

@@ -1,269 +0,0 @@
-import { ApiModule, ApiRoute, ApiError } from '@technomoron/api-server-base';
-import emailAddresses, { ParsedMailbox } from 'email-addresses';
-import { convert } from 'html-to-text';
-import nunjucks from 'nunjucks';
-
-import { api_domain } from '../models/domain.js';
-import { api_txmail } from '../models/txmail.js';
-import { api_user } from '../models/user.js';
-import { mailApiServer } from '../server.js';
-import { buildRequestMeta } from '../util.js';
-
-import type { mailApiRequest, UploadedFile } from '../types.js';
-
-export class MailerAPI extends ApiModule<mailApiServer> {
-	//
-	// Validate and return the parsed email address
-	//
-	validateEmail(email: string): string | undefined {
-		const parsed = emailAddresses.parseOneAddress(email);
-		if (parsed) {
-			return (parsed as ParsedMailbox).address;
-		}
-		return undefined;
-	}
-
-	//
-	// Validate a set of email addresses. Return arrays of invalid
-	// and valid email addresses.
-	//
-
-	validateEmails(list: string): { valid: string[]; invalid: string[] } {
-		const valid = [] as string[],
-			invalid = [] as string[];
-
-		const emails = list
-			.split(',')
-			.map((email) => email.trim())
-			.filter((email) => email !== '');
-		emails.forEach((email) => {
-			const addr = this.validateEmail(email);
-			if (addr) {
-				valid.push(addr);
-			} else {
-				invalid.push(email);
-			}
-		});
-		return { valid, invalid };
-	}
-
-	async assert_domain_and_user(apireq: mailApiRequest) {
-		const { domain, locale } = apireq.req.body;
-
-		if (!domain) {
-			throw new ApiError({ code: 401, message: 'Missing domain' });
-		}
-		const user = await api_user.findOne({ where: { token: apireq.token } });
-		if (!user) {
-			throw new ApiError({ code: 401, message: `Invalid/Unknown API Key/Token '${apireq.token}'` });
-		}
-		const dbdomain = await api_domain.findOne({ where: { name: domain } });
-		if (!dbdomain) {
-			throw new ApiError({ code: 401, message: `Unable to look up the domain ${domain}` });
-		}
-		if (dbdomain.user_id !== user.user_id) {
-			throw new ApiError({ code: 403, message: `Domain ${domain} is not owned by this user` });
-		}
-		apireq.domain = dbdomain;
-		apireq.locale = locale || 'en';
-		apireq.user = user;
-	}
-
-	// Store a template in the database
-
-	private async post_template(apireq: mailApiRequest): Promise<[number, { Status: string }]> {
-		await this.assert_domain_and_user(apireq);
-
-		const { template, sender = '', name, subject = '', locale = '' } = apireq.req.body;
-
-		if (!template) {
-			throw new ApiError({ code: 400, message: 'Missing template data' });
-		}
-		if (!name) {
-			throw new ApiError({ code: 400, message: 'Missing template name' });
-		}
-
-		const data = {
-			user_id: apireq.user!.user_id,
-			domain_id: apireq.domain!.domain_id,
-			name,
-			subject,
-			locale,
-			sender,
-			template
-		};
-
-		/*
-		console.log(JSON.stringify({
-		user: apireq.user,
-		domain: apireq.domain,
-		domain_id: apireq.domain.domain_id,
-		data
-		}, undefined, 2)); */
-
-		try {
-			const [templateRecord, created] = await api_txmail.upsert(data, {
-				returning: true
-			});
-			this.server.storage.print_debug(`Template upserted: ${templateRecord.name} (created=${created})`);
-		} catch (error: unknown) {
-			throw new ApiError({
-				code: 500,
-				message: this.server!.guessExceptionText(error, 'Unknown Sequelize Error on upsert template')
-			});
-		}
-		return [200, { Status: 'OK' }];
-	}
-
-	// Send a template using posted arguments.
-
-	private async post_send(apireq: mailApiRequest): Promise<[number, Record<string, unknown>]> {
-		await this.assert_domain_and_user(apireq);
-
-		const { name, rcpt, domain = '', locale = '', vars = {}, replyTo, reply_to, headers } = apireq.req.body;
-
-		if (!name || !rcpt || !domain) {
-			throw new ApiError({ code: 400, message: 'name/rcpt/domain required' });
-		}
-
-		let parsedVars: unknown = vars ?? {};
-		if (typeof vars === 'string') {
-			try {
-				parsedVars = JSON.parse(vars);
-			} catch {
-				throw new ApiError({ code: 400, message: 'Invalid JSON provided in "vars"' });
-			}
-		}
-		const thevars = parsedVars as Record<string, unknown>;
-
-		// const dbdomain = await api_domain.findOne({ where: { domain } });
-
-		const { valid, invalid } = this.validateEmails(rcpt);
-		if (invalid.length > 0) {
-			throw new ApiError({ code: 400, message: 'Invalid email address(es): ' + invalid.join(',') });
-		}
-		let template: api_txmail | null = null;
-		const deflocale = this.server.storage.deflocale || '';
-		const domain_id = apireq.domain!.domain_id;
-
-		try {
-			template =
-				(await api_txmail.findOne({ where: { name, domain_id, locale } })) ||
-				(await api_txmail.findOne({ where: { name, domain_id, locale: deflocale } })) ||
-				(await api_txmail.findOne({ where: { name, domain_id } }));
-		} catch (error: unknown) {
-			throw new ApiError({
-				code: 500,
-				message: this.server!.guessExceptionText(error, 'Unknown Sequelize Error')
-			});
-		}
-		if (!template) {
-			throw new ApiError({
-				code: 404,
-				message: `Template "${name}" not found for any locale in domain "${domain}"`
-			});
-		}
-
-		const sender = template.sender || apireq.domain!.sender || apireq.user!.email;
-		if (!sender) {
-			throw new ApiError({ code: 500, message: `Unable to locate sender for ${template.name}` });
-		}
-
-		const rawFiles = Array.isArray(apireq.req.files) ? (apireq.req.files as UploadedFile[]) : [];
-		const templateAssets = Array.isArray(template.files) ? template.files : [];
-		const attachments = [
-			...templateAssets.map((file) => ({
-				filename: file.filename,
-				path: file.path,
-				cid: file.cid
-			})),
-			...rawFiles.map((file) => ({
-				filename: file.originalname,
-				path: file.path
-			}))
-		];
-
-		const attachmentMap: Record<string, string> = {};
-		for (const file of rawFiles) {
-			attachmentMap[file.fieldname] = file.originalname;
-		}
-		this.server.storage.print_debug(`Template vars: ${JSON.stringify({ vars, thevars }, undefined, 2)}`);
-
-		const meta = buildRequestMeta(apireq.req);
-		const replyToValue = (replyTo || reply_to) as string | undefined;
-		let normalizedReplyTo: string | undefined;
-		if (replyToValue) {
-			normalizedReplyTo = this.validateEmail(replyToValue);
-			if (!normalizedReplyTo) {
-				throw new ApiError({ code: 400, message: 'Invalid reply-to email address' });
-			}
-		}
-
-		let normalizedHeaders: Record<string, string> | undefined;
-		if (headers !== undefined) {
-			if (!headers || typeof headers !== 'object' || Array.isArray(headers)) {
-				throw new ApiError({ code: 400, message: 'headers must be a key/value object' });
-			}
-			normalizedHeaders = {};
-			for (const [key, value] of Object.entries(headers as Record<string, unknown>)) {
-				if (typeof value !== 'string') {
-					throw new ApiError({ code: 400, message: `headers.${key} must be a string` });
-				}
-				normalizedHeaders[key] = value;
-			}
-		}
-
-		try {
-			const env = new nunjucks.Environment(null, { autoescape: false });
-
-			const compiled = nunjucks.compile(template.template, env);
-
-			for (const recipient of valid) {
-				const fullargs = {
-					...thevars,
-					_rcpt_email_: recipient,
-					_attachments_: attachmentMap,
-					_vars_: thevars,
-					_meta_: meta
-				};
-				const html = await compiled.render(fullargs);
-				const text = convert(html);
-				const sendargs = {
-					from: sender,
-					to: recipient,
-					subject: template.subject || apireq.req.body.subject || '',
-					html,
-					text,
-					attachments,
-					...(normalizedReplyTo ? { replyTo: normalizedReplyTo } : {}),
-					...(normalizedHeaders ? { headers: normalizedHeaders } : {})
-				};
-				await this.server.storage.transport!.sendMail(sendargs);
-			}
-			return [200, { Status: 'OK', Message: 'Emails sent successfully' }];
-		} catch (error: unknown) {
-			// console.log(JSON.stringify(e, null, 2));
-			throw new ApiError({
-				code: 500,
-				message: error instanceof Error ? error.message : String(error)
-			});
-		}
-	}
-
-	override defineRoutes(): ApiRoute[] {
-		return [
-			{
-				method: 'post',
-				path: '/v1/tx/message',
-				handler: this.post_send.bind(this),
-				auth: { type: 'yes', req: 'any' }
-			},
-			{
-				method: 'post',
-				path: '/v1/tx/template',
-				handler: this.post_template.bind(this),
-				auth: { type: 'yes', req: 'any' }
-			}
-		];
-	}
-}

package/src/index.ts

@@ -1,71 +0,0 @@
-import { pathToFileURL } from 'node:url';
-
-import { AssetAPI } from './api/assets.js';
-import { FormAPI } from './api/forms.js';
-import { MailerAPI } from './api/mailer.js';
-import { mailApiServer } from './server.js';
-import { mailStore } from './store/store.js';
-
-import type { ApiServerConf } from '@technomoron/api-server-base';
-
-export type MailMagicServerOptions = Partial<ApiServerConf>;
-
-export type MailMagicServerBootstrap = {
-	server: mailApiServer;
-	store: mailStore;
-	env: mailStore['env'];
-};
-
-function buildServerConfig(store: mailStore, overrides: MailMagicServerOptions): MailMagicServerOptions {
-	const env = store.env;
-	return {
-		apiHost: env.API_HOST,
-		apiPort: env.API_PORT,
-		uploadPath: env.UPLOAD_PATH,
-		debug: env.DEBUG,
-		apiBasePath: '',
-		swaggerEnabled: env.SWAGGER_ENABLED,
-		swaggerPath: env.SWAGGER_PATH,
-		...overrides
-	};
-}
-
-export async function createMailMagicServer(overrides: MailMagicServerOptions = {}): Promise<MailMagicServerBootstrap> {
-	const store = await new mailStore().init();
-	const config = buildServerConfig(store, overrides);
-	const server = new mailApiServer(config, store).api(new MailerAPI()).api(new FormAPI()).api(new AssetAPI());
-
-	return { server, store, env: store.env };
-}
-
-export async function startMailMagicServer(overrides: MailMagicServerOptions = {}): Promise<MailMagicServerBootstrap> {
-	const bootstrap = await createMailMagicServer(overrides);
-	await bootstrap.server.start();
-	return bootstrap;
-}
-
-async function bootMailMagic() {
-	try {
-		const { env } = await startMailMagicServer();
-		console.log(`mail-magic server listening on ${env.API_HOST}:${env.API_PORT}`);
-	} catch (err) {
-		console.error('Failed to start FormMailer:', err);
-		process.exit(1);
-	}
-}
-
-const isDirectExecution = (() => {
-	if (!process.argv[1]) {
-		return false;
-	}
-
-	try {
-		return import.meta.url === pathToFileURL(process.argv[1]).href;
-	} catch {
-		return false;
-	}
-})();
-
-if (isDirectExecution) {
-	void bootMailMagic();
-}