npm - emailengine-app - Versions diffs - 2.61.1 → 2.61.2 - Mend

emailengine-app 2.61.1 → 2.61.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (136) hide show

package/CHANGELOG.md +9 -0
package/data/google-crawlers.json +1 -1
package/lib/account/account-state.js +248 -0
package/lib/account.js +17 -178
package/lib/api-routes/account-routes.js +1006 -0
package/lib/api-routes/message-routes.js +1377 -0
package/lib/consts.js +12 -2
package/lib/email-client/base-client.js +282 -771
package/lib/email-client/gmail/gmail-api.js +243 -0
package/lib/email-client/gmail-client.js +145 -53
package/lib/email-client/imap/mailbox.js +24 -698
package/lib/email-client/imap/sync-operations.js +812 -0
package/lib/email-client/imap-client.js +1 -1
package/lib/email-client/message-builder.js +566 -0
package/lib/email-client/notification-handler.js +314 -0
package/lib/email-client/outlook/graph-api.js +326 -0
package/lib/email-client/outlook-client.js +159 -113
package/lib/email-client/smtp-pool-manager.js +196 -0
package/lib/imapproxy/imap-server.js +3 -12
package/lib/oauth/gmail.js +4 -4
package/lib/oauth/mail-ru.js +30 -5
package/lib/oauth/outlook.js +57 -3
package/lib/oauth/pubsub/google.js +30 -11
package/lib/oauth/scope-checker.js +202 -0
package/lib/oauth2-apps.js +8 -4
package/lib/redis-operations.js +484 -0
package/lib/routes-ui.js +283 -2582
package/lib/tools.js +4 -196
package/lib/ui-routes/account-routes.js +1931 -0
package/lib/ui-routes/admin-config-routes.js +1233 -0
package/lib/ui-routes/admin-entities-routes.js +2367 -0
package/lib/ui-routes/oauth-routes.js +992 -0
package/lib/utils/network.js +237 -0
package/package.json +9 -9
package/sbom.json +1 -1
package/static/js/app.js +5 -5
package/static/licenses.html +78 -18
package/translations/de.mo +0 -0
package/translations/de.po +85 -82
package/translations/en.mo +0 -0
package/translations/en.po +63 -71
package/translations/et.mo +0 -0
package/translations/et.po +84 -82
package/translations/fr.mo +0 -0
package/translations/fr.po +85 -82
package/translations/ja.mo +0 -0
package/translations/ja.po +84 -82
package/translations/messages.pot +74 -87
package/translations/nl.mo +0 -0
package/translations/nl.po +86 -82
package/translations/pl.mo +0 -0
package/translations/pl.po +84 -82
package/views/account/security.hbs +4 -4
package/views/accounts/account.hbs +13 -13
package/views/accounts/register/imap-server.hbs +12 -12
package/views/config/document-store/pre-processing/index.hbs +4 -2
package/views/config/oauth/app.hbs +6 -7
package/views/config/oauth/index.hbs +2 -2
package/views/config/service.hbs +3 -4
package/views/dashboard.hbs +5 -7
package/views/error.hbs +22 -7
package/views/gateways/gateway.hbs +2 -2
package/views/partials/add_account_modal.hbs +7 -10
package/views/partials/document_store_header.hbs +1 -1
package/views/partials/editor_scope_info.hbs +0 -1
package/views/partials/oauth_config_header.hbs +1 -1
package/views/partials/side_menu.hbs +3 -3
package/views/partials/webhook_form.hbs +2 -2
package/views/templates/index.hbs +1 -1
package/views/templates/template.hbs +8 -8
package/views/tokens/index.hbs +6 -6
package/views/tokens/new.hbs +1 -1
package/views/webhooks/index.hbs +4 -4
package/views/webhooks/webhook.hbs +7 -7
package/workers/api.js +148 -2436
package/workers/smtp.js +2 -1
package/lib/imapproxy/imap-core/test/client.js +0 -46
package/lib/imapproxy/imap-core/test/fixtures/append.eml +0 -1196
package/lib/imapproxy/imap-core/test/fixtures/chunks.js +0 -44
package/lib/imapproxy/imap-core/test/fixtures/fix1.eml +0 -6
package/lib/imapproxy/imap-core/test/fixtures/fix2.eml +0 -599
package/lib/imapproxy/imap-core/test/fixtures/fix3.eml +0 -32
package/lib/imapproxy/imap-core/test/fixtures/fix4.eml +0 -6
package/lib/imapproxy/imap-core/test/fixtures/mimetorture.eml +0 -599
package/lib/imapproxy/imap-core/test/fixtures/mimetorture.js +0 -2740
package/lib/imapproxy/imap-core/test/fixtures/mimetorture.json +0 -1411
package/lib/imapproxy/imap-core/test/fixtures/mimetree.js +0 -85
package/lib/imapproxy/imap-core/test/fixtures/nodemailer.eml +0 -582
package/lib/imapproxy/imap-core/test/fixtures/ryan_finnie_mime_torture.eml +0 -599
package/lib/imapproxy/imap-core/test/fixtures/simple.eml +0 -42
package/lib/imapproxy/imap-core/test/fixtures/simple.json +0 -164
package/lib/imapproxy/imap-core/test/imap-compile-stream-test.js +0 -671
package/lib/imapproxy/imap-core/test/imap-compiler-test.js +0 -272
package/lib/imapproxy/imap-core/test/imap-indexer-test.js +0 -236
package/lib/imapproxy/imap-core/test/imap-parser-test.js +0 -922
package/lib/imapproxy/imap-core/test/memory-notifier.js +0 -129
package/lib/imapproxy/imap-core/test/prepare.sh +0 -74
package/lib/imapproxy/imap-core/test/protocol-test.js +0 -1756
package/lib/imapproxy/imap-core/test/search-test.js +0 -1356
package/lib/imapproxy/imap-core/test/test-client.js +0 -152
package/lib/imapproxy/imap-core/test/test-server.js +0 -623
package/lib/imapproxy/imap-core/test/tools-test.js +0 -22
package/test/api-test.js +0 -899
package/test/autoreply-test.js +0 -327
package/test/bounce-test.js +0 -151
package/test/complaint-test.js +0 -256
package/test/fixtures/autoreply/LICENSE +0 -27
package/test/fixtures/autoreply/rfc3834-01.eml +0 -23
package/test/fixtures/autoreply/rfc3834-02.eml +0 -24
package/test/fixtures/autoreply/rfc3834-03.eml +0 -26
package/test/fixtures/autoreply/rfc3834-04.eml +0 -48
package/test/fixtures/autoreply/rfc3834-05.eml +0 -19
package/test/fixtures/autoreply/rfc3834-06.eml +0 -59
package/test/fixtures/bounces/163.eml +0 -2521
package/test/fixtures/bounces/fastmail.eml +0 -242
package/test/fixtures/bounces/gmail.eml +0 -252
package/test/fixtures/bounces/hotmail.eml +0 -655
package/test/fixtures/bounces/mailru.eml +0 -121
package/test/fixtures/bounces/outlook.eml +0 -1107
package/test/fixtures/bounces/postfix.eml +0 -101
package/test/fixtures/bounces/rambler.eml +0 -116
package/test/fixtures/bounces/workmail.eml +0 -142
package/test/fixtures/bounces/yahoo.eml +0 -139
package/test/fixtures/bounces/zoho.eml +0 -83
package/test/fixtures/bounces/zonemta.eml +0 -100
package/test/fixtures/complaints/LICENSE +0 -27
package/test/fixtures/complaints/amazonses.eml +0 -72
package/test/fixtures/complaints/dmarc.eml +0 -59
package/test/fixtures/complaints/hotmail.eml +0 -49
package/test/fixtures/complaints/optout.eml +0 -40
package/test/fixtures/complaints/standard-arf.eml +0 -68
package/test/fixtures/complaints/yahoo.eml +0 -68
package/test/oauth2-apps-test.js +0 -301
package/test/sendonly-test.js +0 -160
package/test/test-config.js +0 -34
package/test/webhooks-server.js +0 -39

package/lib/routes-ui.js CHANGED Viewed

@@ -23,10 +23,10 @@ const {
     formatByteSize,
     getDuration,
     parseSignedFormData,
-    updatePublicInterfaces,
     hasEnvValue,
     retryAgent
 } = require('./tools');
+const { updatePublicInterfaces } = require('./utils/network');
 const packageData = require('../package.json');
 const he = require('he');
 const crypto = require('crypto');
@@ -42,7 +42,6 @@ const os = require('os');
 const {
     ADDRESS_STRATEGIES,
     settingsSchema,
-    templateSchemas,
     oauthCreateSchema,
     accountIdSchema,
     defaultAccountTypeSchema,
@@ -53,10 +52,7 @@ const fs = require('fs');
 const pathlib = require('path');
 const timezonesList = require('timezones-list').default;
 const { Client: ElasticSearch } = require('@elastic/elasticsearch');
-const { templates } = require('./templates');
-const { webhooks } = require('./webhooks');
 const { llmPreProcess } = require('./llm-pre-process');
-const wellKnownServices = require('nodemailer/lib/well-known/services.json');
 const { locales } = require('./translations');
 const capa = require('./capa');
 const exampleWebhookPayloads = require('./payload-examples-webhooks.json');
@@ -70,6 +66,8 @@ const base32 = require('base32.js');
 const { simpleParser } = require('mailparser');
 const libmime = require('libmime');
+const adminEntitiesRoutes = require('./ui-routes/admin-entities-routes');
 const {
     DEFAULT_MAX_LOG_LINES,
     PDKDF2_ITERATIONS,
@@ -356,17 +354,6 @@ const OKTA_OAUTH2_CLIENT_ID = readEnvValue('OKTA_OAUTH2_CLIENT_ID');
 const OKTA_OAUTH2_CLIENT_SECRET = readEnvValue('OKTA_OAUTH2_CLIENT_SECRET');
 const USE_OKTA_AUTH = !!(OKTA_OAUTH2_ISSUER && OKTA_OAUTH2_CLIENT_ID && OKTA_OAUTH2_CLIENT_SECRET);
-const CODE_FORMATS = [
-    {
-        format: 'html',
-        name: 'HTML'
-    },
-    {
-        format: 'markdown',
-        name: 'Markdown'
-    }
-];
 const oauthUpdateSchema = {
     app: Joi.string().empty('').max(255).example('gmail').label('Provider').required(),
@@ -870,6 +857,9 @@ async function getServerStatus(type) {
 }
 function applyRoutes(server, call) {
+    // Initialize admin entity routes (webhooks, templates, gateways, tokens)
+    adminEntitiesRoutes({ server, call });
     const getDefaultPrompt = async () =>
         await call({
             cmd: 'openAiDefaultPrompt'
@@ -1181,7 +1171,7 @@ function applyRoutes(server, call) {
                 return h.redirect('/admin/config/webhooks');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                 request.logger.error({ msg: 'Failed to update configuration', err });
                 return h.view(
@@ -1223,7 +1213,7 @@ function applyRoutes(server, call) {
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                    await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                     request.logger.error({ msg: 'Failed to update configuration', err });
                     return h
@@ -1375,7 +1365,7 @@ function applyRoutes(server, call) {
                 return h.redirect('/admin/config/service');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                 request.logger.error({ msg: 'Failed to update configuration', err });
                 return h.view(
@@ -1427,7 +1417,7 @@ function applyRoutes(server, call) {
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                    await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                     request.logger.error({ msg: 'Failed to update configuration', err });
                     return h
@@ -1624,7 +1614,7 @@ return true;`
                 return h.redirect('/admin/config/ai');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                 request.logger.error({ msg: 'Failed to update configuration', err });
                 let hasOpenAiAPIKey = !!(await settings.get('openAiAPIKey'));
@@ -1688,7 +1678,7 @@ return true;`
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                    await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                     request.logger.error({ msg: 'Failed to update configuration', err });
                     let hasOpenAiAPIKey = !!(await settings.get('openAiAPIKey'));
@@ -2045,7 +2035,7 @@ return true;`
                 return h.redirect('/admin/config/logging');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                 request.logger.error({ msg: 'Failed to update configuration', err });
                 return h.view(
@@ -2080,7 +2070,7 @@ return true;`
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                    await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                     request.logger.error({ msg: 'Failed to update configuration', err });
                     return h
@@ -2512,11 +2502,11 @@ return true;`
             try {
                 await oauth2Apps.del(request.payload.app);
-                await request.flash({ type: 'info', message: `OAuth2 application was deleted` });
+                await request.flash({ type: 'info', message: `OAuth2 app deleted` });
                 return h.redirect('/admin/config/oauth');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to delete the OAuth2 application` });
+                await request.flash({ type: 'danger', message: `Couldn't delete OAuth2 app. Try again.` });
                 request.logger.error({ msg: 'Failed to delete OAuth2 application', err, app: request.payload.app, remoteAddress: request.app.ip });
                 return h.redirect(`/admin/config/oauth/app/${request.payload.app}`);
             }
@@ -2530,7 +2520,7 @@ return true;`
                 },
                 async failAction(request, h, err) {
-                    await request.flash({ type: 'danger', message: `Failed to delete the OAuth2 application` });
+                    await request.flash({ type: 'danger', message: `Couldn't delete OAuth2 app. Try again.` });
                     request.logger.error({ msg: 'Failed to delete delete the OAuth2 application', err });
                     return h.redirect('/admin/config/oauth').takeover();
@@ -2650,10 +2640,10 @@ return true;`
                     await call({ cmd: 'googlePubSub', app: oauth2App.id });
                 }
-                await request.flash({ type: 'success', message: `OAuth2 application was registered` });
+                await request.flash({ type: 'success', message: `OAuth2 app created` });
                 return h.redirect(`/admin/config/oauth/app/${oauth2App.id}`);
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to register OAuth2 app` });
+                await request.flash({ type: 'danger', message: `Couldn't register OAuth2 app. Try again.` });
                 request.logger.error({ msg: 'Failed to register OAuth2 app', err });
                 let { provider, baseScopes } = request.payload;
@@ -2733,7 +2723,7 @@ return true;`
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to register OAuth2 app` });
+                    await request.flash({ type: 'danger', message: `Couldn't register OAuth2 app. Try again.` });
                     request.logger.error({ msg: 'Failed to register OAuth2 app', err });
                     let { provider, baseScopes } = request.payload;
@@ -2840,2420 +2830,38 @@ return true;`
                     [`active${providerData.caseName}`]: true,
                     providerData,
-                    defaultRedirectUrl,
-                    appData,
-                    hasClientSecret: !!appData.clientSecret,
-                    hasServiceKey: !!appData.serviceKey,
-                    pubSubApps:
-                        pubSubApps &&
-                        pubSubApps.apps &&
-                        pubSubApps.apps.map(app => {
-                            if (app.id === values.pubSubApp) {
-                                app.selected = true;
-                            }
-                            return app;
-                        }),
-                    values,
-                    baseScopesApi: values.baseScopes === 'api',
-                    baseScopesImap: values.baseScopes === 'imap' || !values.baseScopes,
-                    baseScopesPubsub: values.baseScopes === 'pubsub',
-                    azureClouds: structuredClone(AZURE_CLOUDS).map(entry => {
-                        entry.selected = values.cloud === entry.id;
-                        return entry;
-                    }),
-                    authorityCommon: values.authority === 'common',
-                    authorityOrganizations: values.authority === 'organizations',
-                    authorityConsumers: values.authority === 'consumers',
-                    authorityTenant: !!values.tenant
-                },
-                {
-                    layout: 'app'
-                }
-            );
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h /*, err*/) {
-                    return h.redirect('/admin/config/oauth').takeover();
-                },
-                params: Joi.object({
-                    app: Joi.string().empty('').max(255).example('gmail').label('Provider').required()
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'POST',
-        path: '/admin/config/oauth/edit',
-        async handler(request, h) {
-            let appData = await oauth2Apps.get(request.payload.app);
-            if (!appData) {
-                let error = Boom.boomify(new Error('Application was not found.'), { statusCode: 404 });
-                throw error;
-            }
-            try {
-                let updates = Object.assign({}, request.payload);
-                updates.extraScopes = updates.extraScopes
-                    .split(/\s+/)
-                    .map(scope => scope.trim())
-                    .filter(scope => scope);
-                updates.skipScopes = updates.skipScopes
-                    .split(/\s+/)
-                    .map(scope => scope.trim())
-                    .filter(scope => scope);
-                if (updates.authority === 'tenant') {
-                    updates.authority = updates.tenant;
-                }
-                delete updates.tenant;
-                let oauth2App = await oauth2Apps.update(appData.id, updates);
-                if (!oauth2App || !oauth2App.id) {
-                    throw new Error('Unexpected result');
-                }
-                if (oauth2App && oauth2App.pubsubUpdates && oauth2App.pubsubUpdates.pubSubSubscription) {
-                    await call({ cmd: 'googlePubSub', app: oauth2App.id });
-                }
-                await request.flash({ type: 'success', message: `OAuth2 application was updated` });
-                return h.redirect(`/admin/config/oauth/app/${oauth2App.id}`);
-            } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update OAuth2 app` });
-                request.logger.error({ msg: 'Failed to update OAuth2 app', app: request.payload.app, err });
-                let providerData = oauth2ProviderData(appData.provider, appData.cloud);
-                let serviceUrl = await settings.get('serviceUrl');
-                let defaultRedirectUrl = `${serviceUrl}/oauth`;
-                if (appData.provider === 'outlook') {
-                    defaultRedirectUrl = defaultRedirectUrl.replace(/^http:\/\/127\.0\.0\.1\b/i, 'http://localhost');
-                }
-                let pubSubApps = await oauth2Apps.list(0, 1000, { pubsub: true });
-                return h.view(
-                    'config/oauth/edit',
-                    {
-                        pageTitle: 'OAuth2',
-                        menuConfig: true,
-                        menuConfigOauth: true,
-                        [`active${providerData.caseName}`]: true,
-                        providerData,
-                        defaultRedirectUrl,
-                        appData,
-                        hasClientSecret: !!appData.clientSecret,
-                        hasServiceKey: !!appData.serviceKey,
-                        pubSubApps:
-                            pubSubApps &&
-                            pubSubApps.apps &&
-                            pubSubApps.apps.map(app => {
-                                if (app.id === request.payload.pubSubApp) {
-                                    app.selected = true;
-                                }
-                                return app;
-                            }),
-                        baseScopesApi: request.payload.baseScopes === 'api',
-                        baseScopesImap: request.payload.baseScopes === 'imap' || !request.payload.baseScopes,
-                        baseScopesPubsub: request.payload.baseScopes === 'pubsub',
-                        azureClouds: structuredClone(AZURE_CLOUDS).map(entry => {
-                            entry.selected = request.payload.cloud === entry.id;
-                            return entry;
-                        }),
-                        authorityCommon: request.payload.authority === 'common',
-                        authorityOrganizations: request.payload.authority === 'organizations',
-                        authorityConsumers: request.payload.authority === 'consumers',
-                        authorityTenant: request.payload.authority === 'tenant'
-                    },
-                    {
-                        layout: 'app'
-                    }
-                );
-            }
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h, err) {
-                    let errors = {};
-                    if (err.details) {
-                        err.details.forEach(detail => {
-                            if (!errors[detail.path]) {
-                                errors[detail.path] = detail.message;
-                            }
-                        });
-                    }
-                    let appData = await oauth2Apps.get(request.payload.app);
-                    if (!appData) {
-                        await request.flash({ type: 'danger', message: `Application was not found.` });
-                        request.logger.error({ msg: 'Application was not found.', app: request.payload.app });
-                        return h.redirect('/admin').takeover();
-                    }
-                    await request.flash({ type: 'danger', message: `Failed to update OAuth2 app` });
-                    request.logger.error({ msg: 'Failed to update OAuth2 app', err });
-                    let { provider } = request.payload;
-                    if (!provider || !OAUTH_PROVIDERS.hasOwnProperty(provider)) {
-                        return h.redirect('/admin').takeover();
-                    }
-                    let providerData = oauth2ProviderData(provider);
-                    let serviceUrl = await settings.get('serviceUrl');
-                    let defaultRedirectUrl = `${serviceUrl}/oauth`;
-                    if (provider === 'outlook') {
-                        defaultRedirectUrl = defaultRedirectUrl.replace(/^http:\/\/127\.0\.0\.1\b/i, 'http://localhost');
-                    }
-                    let pubSubApps = await oauth2Apps.list(0, 1000, { pubsub: true });
-                    return h
-                        .view(
-                            'config/oauth/edit',
-                            {
-                                pageTitle: 'OAuth2',
-                                menuConfig: true,
-                                menuConfigOauth: true,
-                                [`active${providerData.caseName}`]: true,
-                                providerData,
-                                defaultRedirectUrl,
-                                appData,
-                                hasClientSecret: !!appData.clientSecret,
-                                hasServiceKey: !!appData.serviceKey,
-                                pubSubApps:
-                                    pubSubApps &&
-                                    pubSubApps.apps &&
-                                    pubSubApps.apps.map(app => {
-                                        if (app.id === request.payload.pubSubApp) {
-                                            app.selected = true;
-                                        }
-                                        return app;
-                                    }),
-                                baseScopesApi: request.payload.baseScopes === 'api',
-                                baseScopesImap: request.payload.baseScopes === 'imap' || !request.payload.baseScopes,
-                                baseScopesPubsub: request.payload.baseScopes === 'pubsub',
-                                azureClouds: structuredClone(AZURE_CLOUDS).map(entry => {
-                                    entry.selected = request.payload.cloud === entry.id;
-                                    return entry;
-                                }),
-                                authorityCommon: request.payload.authority === 'common',
-                                authorityOrganizations: request.payload.authority === 'organizations',
-                                authorityConsumers: request.payload.authority === 'consumers',
-                                authorityTenant: request.payload.authority === 'tenant',
-                                errors
-                            },
-                            {
-                                layout: 'app'
-                            }
-                        )
-                        .takeover();
-                },
-                payload: Joi.object(oauthUpdateSchema)
-            }
-        }
-    });
-    server.route({
-        method: 'GET',
-        path: '/admin/webhooks',
-        async handler(request, h) {
-            let data = await webhooks.list(request.query.page - 1, request.query.pageSize);
-            let nextPage = false;
-            let prevPage = false;
-            if (request.query.account) {
-                let accountObject = new Account({ redis, account: request.query.account });
-                data.account = await accountObject.loadAccountData();
-            }
-            let getPagingUrl = page => {
-                let url = new URL(`admin/webhooks`, 'http://localhost');
-                if (page) {
-                    url.searchParams.append('page', page);
-                }
-                if (request.query.pageSize !== DEFAULT_PAGE_SIZE) {
-                    url.searchParams.append('pageSize', request.query.pageSize);
-                }
-                return url.pathname + url.search;
-            };
-            if (data.pages > data.page + 1) {
-                nextPage = getPagingUrl(data.page + 2);
-            }
-            if (data.page > 0) {
-                prevPage = getPagingUrl(data.page);
-            }
-            let newLink = new URL('/admin/webhooks/new', 'http://localhost');
-            return h.view(
-                'webhooks/index',
-                {
-                    pageTitle: 'Webhook Routing',
-                    menuWebhooks: true,
-                    newLink: newLink.pathname + newLink.search,
-                    showPaging: data.pages > 1,
-                    nextPage,
-                    prevPage,
-                    firstPage: data.page === 0,
-                    pageLinks: new Array(data.pages || 1).fill(0).map((z, i) => ({
-                        url: getPagingUrl(i + 1),
-                        title: i + 1,
-                        active: i === data.page
-                    })),
-                    webhooksEnabled: await settings.get('webhooksEnabled'),
-                    webhooks: data.webhooks
-                },
-                {
-                    layout: 'app'
-                }
-            );
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h /*, err*/) {
-                    return h.redirect('/admin/webhooks').takeover();
-                },
-                query: Joi.object({
-                    page: Joi.number().integer().min(1).max(1000000).default(1),
-                    pageSize: Joi.number().integer().min(1).max(250).default(DEFAULT_PAGE_SIZE)
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'GET',
-        path: '/admin/webhooks/new',
-        async handler(request, h) {
-            const values = {
-                name: '',
-                description: '',
-                contentFnJson: JSON.stringify(`/*
-// The following example passes webhooks for new emails that appear in the Inbox of the user "testaccount".
-// NB! Gmail webhooks are always emitted from the "All Mail" folder, not the Inbox, so we need to check both the path and label values.
-const isInbox = payload.path === 'INBOX' || payload.data?.labels?.includes('\\\\Inbox');
-if (payload.event === 'messageNew' && payload.account === 'testaccount' && isInbox) {
-    return true;
-}
-*/`),
-                contentMapJson: JSON.stringify(`// By default the output payload is returned unmodified.
-return payload;`)
-            };
-            return h.view(
-                'webhooks/new',
-                {
-                    pageTitle: 'Webhook Routing',
-                    menuWebhooks: true,
-                    values,
-                    examplePayloadsJson: JSON.stringify(await getExampleWebhookPayloads()),
-                    notificationTypesJson: JSON.stringify(notificationTypes),
-                    scriptEnvJson: JSON.stringify((await settings.get('scriptEnv')) || '{}')
-                },
-                {
-                    layout: 'app'
-                }
-            );
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h /*, err*/) {
-                    return h.redirect('/admin/webhooks').takeover();
-                },
-                query: Joi.object({})
-            }
-        }
-    });
-    server.route({
-        method: 'POST',
-        path: '/admin/webhooks/new',
-        async handler(request, h) {
-            let contentFn, contentMap;
-            try {
-                if (request.payload.contentFnJson === '') {
-                    contentFn = null;
-                } else {
-                    contentFn = JSON.parse(request.payload.contentFnJson);
-                    if (typeof contentFn !== 'string') {
-                        throw new Error('Invalid Format');
-                    }
-                }
-            } catch (err) {
-                err.details = {
-                    contentFnJson: 'Invalid JSON'
-                };
-                throw err;
-            }
-            try {
-                if (request.payload.contentMapJson === '') {
-                    contentMap = null;
-                } else {
-                    contentMap = JSON.parse(request.payload.contentMapJson);
-                    if (typeof contentMap !== 'string') {
-                        throw new Error('Invalid Format');
-                    }
-                }
-            } catch (err) {
-                err.details = {
-                    contentMapJson: 'Invalid JSON'
-                };
-                throw err;
-            }
-            let customHeaders = request.payload.customHeaders
-                .split(/[\r\n]+/)
-                .map(header => header.trim())
-                .filter(header => header)
-                .map(line => {
-                    let sep = line.indexOf(':');
-                    if (sep >= 0) {
-                        return {
-                            key: line.substring(0, sep).trim(),
-                            value: line.substring(sep + 1).trim()
-                        };
-                    }
-                    return {
-                        key: line,
-                        value: ''
-                    };
-                });
-            try {
-                let createRequest = await webhooks.create(
-                    {
-                        name: request.payload.name,
-                        description: request.payload.description,
-                        targetUrl: request.payload.targetUrl,
-                        enabled: request.payload.enabled,
-                        customHeaders
-                    },
-                    {
-                        fn: contentFn,
-                        map: contentMap
-                    }
-                );
-                await request.flash({ type: 'info', message: `Webhook routing was created` });
-                return h.redirect(`/admin/webhooks/webhook/${createRequest.id}`);
-            } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to create webhook routing` });
-                request.logger.error({ msg: 'Failed to create webhook routing', err });
-                return h.view(
-                    'webhooks/new',
-                    {
-                        pageTitle: 'Webhook Routing',
-                        menuWebhooks: true,
-                        errors: err.details,
-                        examplePayloadsJson: JSON.stringify(await getExampleWebhookPayloads()),
-                        notificationTypesJson: JSON.stringify(notificationTypes),
-                        scriptEnvJson: JSON.stringify((await settings.get('scriptEnv')) || '{}')
-                    },
-                    {
-                        layout: 'app'
-                    }
-                );
-            }
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h, err) {
-                    let errors = {};
-                    if (err.details) {
-                        err.details.forEach(detail => {
-                            if (!errors[detail.path]) {
-                                errors[detail.path] = detail.message;
-                            }
-                        });
-                    }
-                    await request.flash({ type: 'danger', message: `Failed to create webhook routing` });
-                    request.logger.error({ msg: 'Failed to create webhook routing', err });
-                    return h
-                        .view(
-                            'templates/new',
-                            {
-                                pageTitle: 'Templates',
-                                menuTemplates: true,
-                                errors,
-                                examplePayloadsJson: JSON.stringify(await getExampleWebhookPayloads()),
-                                notificationTypesJson: JSON.stringify(notificationTypes)
-                            },
-                            {
-                                layout: 'app'
-                            }
-                        )
-                        .takeover();
-                },
-                payload: Joi.object({
-                    name: Joi.string().max(256).example('Transaction receipt').description('Name of the routing').label('RoutingName').required(),
-                    description: Joi.string()
-                        .allow('')
-                        .max(1024)
-                        .example('Something about the routing')
-                        .description('Optional description of the webhook routing')
-                        .label('RoutingDescription'),
-                    targetUrl: Joi.string()
-                        .uri({
-                            scheme: ['http', 'https'],
-                            allowRelative: false
-                        })
-                        .allow('')
-                        .default('')
-                        .example('https://myservice.com/imap/webhooks')
-                        .description('Webhook target URL'),
-                    enabled: Joi.boolean()
-                        .truthy('Y', 'true', '1', 'on')
-                        .falsy('N', 'false', 0, '')
-                        .default(false)
-                        .example(false)
-                        .description('Is the routing enabled'),
-                    customHeaders: Joi.string()
-                        .allow('')
-                        .trim()
-                        .max(10 * 1024)
-                        .description('Custom request headers'),
-                    contentFnJson: Joi.string()
-                        .max(1024 * 1024)
-                        .default('')
-                        .allow('')
-                        .trim()
-                        .description('Filter function'),
-                    contentMapJson: Joi.string()
-                        .max(1024 * 1024)
-                        .default('')
-                        .allow('')
-                        .trim()
-                        .description('Map function')
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'GET',
-        path: '/admin/webhooks/webhook/{webhook}',
-        async handler(request, h) {
-            let webhook = await webhooks.get(request.params.webhook);
-            if (!webhook) {
-                let error = Boom.boomify(new Error('Webhook Route was not found.'), { statusCode: 404 });
-                throw error;
-            }
-            webhook.targetUrlShort = webhook.targetUrl ? new URL(webhook.targetUrl).hostname : false;
-            const errorLog = ((await webhooks.getErrorLog(webhook.id)) || []).map(entry => {
-                if (entry.error && typeof entry.error === 'string') {
-                    entry.error = entry.error
-                        .replace(/\r?\n/g, '\n')
-                        .replace(/^\s+at\s+.*$/gm, '')
-                        .replace(/\n+/g, '\n')
-                        .trim()
-                        .replace(/(evalmachine.<anonymous>:)(\d+)/, (o, p, n) => p + (Number(n) - 1));
-                }
-                return entry;
-            });
-            return h.view(
-                'webhooks/webhook',
-                {
-                    pageTitle: 'Webhook Routing',
-                    menuWebhooks: true,
-                    webhook,
-                    errorLog
-                },
-                {
-                    layout: 'app'
-                }
-            );
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h /*, err*/) {
-                    return h.redirect('/admin/webhooks').takeover();
-                },
-                params: Joi.object({
-                    webhook: Joi.string()
-                        .base64({ paddingRequired: false, urlSafe: true })
-                        .max(512)
-                        .example('AAAAAQAACnA')
-                        .required()
-                        .description('Webhook Route ID')
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'GET',
-        path: '/admin/webhooks/webhook/{webhook}/edit',
-        async handler(request, h) {
-            let webhook = await webhooks.get(request.params.webhook);
-            if (!webhook) {
-                let error = Boom.boomify(new Error('Webhook Route not found.'), { statusCode: 404 });
-                throw error;
-            }
-            const values = {
-                webhook: webhook.id,
-                name: webhook.name,
-                description: webhook.description,
-                targetUrl: webhook.targetUrl,
-                enabled: webhook.enabled,
-                contentFnJson: JSON.stringify(webhook.content.fn || ''),
-                contentMapJson: JSON.stringify(webhook.content.map || ''),
-                customHeaders: []
-                    .concat(webhook.customHeaders || [])
-                    .map(entry => `${entry.key}: ${entry.value}`.trim())
-                    .join('\n')
-            };
-            return h.view(
-                'webhooks/edit',
-                {
-                    pageTitle: 'Webhook Routing',
-                    menuWebhooks: true,
-                    webhook,
-                    values,
-                    examplePayloadsJson: JSON.stringify(await getExampleWebhookPayloads()),
-                    notificationTypesJson: JSON.stringify(notificationTypes),
-                    scriptEnvJson: JSON.stringify((await settings.get('scriptEnv')) || '{}')
-                },
-                {
-                    layout: 'app'
-                }
-            );
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h /*, err*/) {
-                    return h.redirect('/admin/webhooks').takeover();
-                },
-                params: Joi.object({
-                    webhook: Joi.string()
-                        .base64({ paddingRequired: false, urlSafe: true })
-                        .max(512)
-                        .example('AAAAAQAACnA')
-                        .required()
-                        .description('Webhook Route ID')
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'POST',
-        path: '/admin/webhooks/edit',
-        async handler(request, h) {
-            let contentFn, contentMap;
-            try {
-                if (request.payload.contentFnJson === '') {
-                    contentFn = null;
-                } else {
-                    contentFn = JSON.parse(request.payload.contentFnJson);
-                    if (typeof contentFn !== 'string') {
-                        throw new Error('Invalid Format');
-                    }
-                }
-            } catch (err) {
-                err.details = {
-                    contentFnJson: 'Invalid JSON'
-                };
-                throw err;
-            }
-            try {
-                if (request.payload.contentMapJson === '') {
-                    contentMap = null;
-                } else {
-                    contentMap = JSON.parse(request.payload.contentMapJson);
-                    if (typeof contentMap !== 'string') {
-                        throw new Error('Invalid Format');
-                    }
-                }
-            } catch (err) {
-                err.details = {
-                    contentMapJson: 'Invalid JSON'
-                };
-                throw err;
-            }
-            let customHeaders = request.payload.customHeaders
-                .split(/[\r\n]+/)
-                .map(header => header.trim())
-                .filter(header => header)
-                .map(line => {
-                    let sep = line.indexOf(':');
-                    if (sep >= 0) {
-                        return {
-                            key: line.substring(0, sep).trim(),
-                            value: line.substring(sep + 1).trim()
-                        };
-                    }
-                    return {
-                        key: line,
-                        value: ''
-                    };
-                });
-            try {
-                await webhooks.update(
-                    request.payload.webhook,
-                    {
-                        name: request.payload.name,
-                        description: request.payload.description,
-                        targetUrl: request.payload.targetUrl,
-                        enabled: request.payload.enabled,
-                        customHeaders
-                    },
-                    {
-                        fn: contentFn,
-                        map: contentMap
-                    }
-                );
-                await request.flash({ type: 'info', message: `Webhook Route settings were updated` });
-                return h.redirect(`/admin/webhooks/webhook/${request.payload.webhook}`);
-            } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update Webhook Route` });
-                request.logger.error({ msg: 'Failed to update Webhook Route', err });
-                let webhook = await webhooks.get(request.payload.webhook);
-                if (!webhook) {
-                    let error = Boom.boomify(new Error('Webhook Route not found.'), { statusCode: 404 });
-                    throw error;
-                }
-                return h.view(
-                    'webhooks/edit',
-                    {
-                        pageTitle: 'Webhook Routing',
-                        menuWebhooks: true,
-                        webhook,
-                        errors: err.details,
-                        examplePayloadsJson: JSON.stringify(await getExampleWebhookPayloads()),
-                        notificationTypesJson: JSON.stringify(notificationTypes),
-                        scriptEnvJson: JSON.stringify((await settings.get('scriptEnv')) || '{}')
-                    },
-                    {
-                        layout: 'app'
-                    }
-                );
-            }
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h, err) {
-                    let errors = {};
-                    if (err.details) {
-                        err.details.forEach(detail => {
-                            if (!errors[detail.path]) {
-                                errors[detail.path] = detail.message;
-                            }
-                        });
-                    }
-                    await request.flash({ type: 'danger', message: `Failed to update Webhook Route` });
-                    request.logger.error({ msg: 'Failed to update Webhook Route', err });
-                    let webhook = await webhooks.get(request.payload.webhook);
-                    if (!webhook) {
-                        let error = Boom.boomify(new Error('Webhook Route not found.'), { statusCode: 404 });
-                        throw error;
-                    }
-                    return h
-                        .view(
-                            'webhooks/edit',
-                            {
-                                pageTitle: 'Webhook Routing',
-                                menuWebhooks: true,
-                                webhook,
-                                errors,
-                                examplePayloadsJson: JSON.stringify(await getExampleWebhookPayloads()),
-                                notificationTypesJson: JSON.stringify(notificationTypes),
-                                scriptEnvJson: JSON.stringify((await settings.get('scriptEnv')) || '{}')
-                            },
-                            {
-                                layout: 'app'
-                            }
-                        )
-                        .takeover();
-                },
-                payload: Joi.object({
-                    webhook: Joi.string()
-                        .base64({ paddingRequired: false, urlSafe: true })
-                        .max(512)
-                        .example('AAAAAQAACnA')
-                        .required()
-                        .description('Webhook Route ID'),
-                    name: Joi.string().max(256).example('Transaction receipt').description('Name of the routing').label('RoutingName').required(),
-                    description: Joi.string()
-                        .allow('')
-                        .max(1024)
-                        .example('Something about the routing')
-                        .description('Optional description of the webhook routing')
-                        .label('RoutingDescription'),
-                    targetUrl: Joi.string()
-                        .uri({
-                            scheme: ['http', 'https'],
-                            allowRelative: false
-                        })
-                        .allow('')
-                        .default('')
-                        .example('https://myservice.com/imap/webhooks')
-                        .description('Webhook target URL'),
-                    enabled: Joi.boolean()
-                        .truthy('Y', 'true', '1', 'on')
-                        .falsy('N', 'false', 0, '')
-                        .default(false)
-                        .example(false)
-                        .description('Is the routing enabled'),
-                    customHeaders: Joi.string()
-                        .allow('')
-                        .trim()
-                        .max(10 * 1024)
-                        .description('Custom request headers'),
-                    contentFnJson: Joi.string()
-                        .max(1024 * 1024)
-                        .default('')
-                        .allow('')
-                        .trim()
-                        .description('Filter function'),
-                    contentMapJson: Joi.string()
-                        .max(1024 * 1024)
-                        .default('')
-                        .allow('')
-                        .trim()
-                        .description('Map function')
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'POST',
-        path: '/admin/webhooks/delete',
-        async handler(request, h) {
-            try {
-                await webhooks.del(request.payload.webhook);
-                await request.flash({ type: 'info', message: `Webhook Route was deleted` });
-                let accountWebhooksLink = new URL('/admin/webhooks', 'http://localhost');
-                return h.redirect(accountWebhooksLink.pathname + accountWebhooksLink.search);
-            } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to delete the Webhook Route` });
-                request.logger.error({ msg: 'Failed to delete Webhook Route', err, webhook: request.payload.webhook, remoteAddress: request.app.ip });
-                return h.redirect(`/admin/webhooks/webhook/${request.payload.webhook}`);
-            }
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h, err) {
-                    await request.flash({ type: 'danger', message: `Failed to delete Webhook Route` });
-                    request.logger.error({ msg: 'Failed to delete delete Webhook Route', err });
-                    return h.redirect('/admin/webhooks').takeover();
-                },
-                payload: Joi.object({
-                    webhook: Joi.string()
-                        .base64({ paddingRequired: false, urlSafe: true })
-                        .max(512)
-                        .example('AAAAAQAACnA')
-                        .required()
-                        .description('Webhook Route ID')
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'GET',
-        path: '/admin/templates',
-        async handler(request, h) {
-            let data = await templates.list(request.query.account, request.query.page - 1, request.query.pageSize);
-            let nextPage = false;
-            let prevPage = false;
-            if (request.query.account) {
-                let accountObject = new Account({ redis, account: request.query.account });
-                data.account = await accountObject.loadAccountData();
-            }
-            let getPagingUrl = page => {
-                let url = new URL(`admin/templates`, 'http://localhost');
-                url.searchParams.append('page', page);
-                if (request.query.account) {
-                    url.searchParams.append('account', request.query.account);
-                }
-                if (request.query.pageSize !== DEFAULT_PAGE_SIZE) {
-                    url.searchParams.append('pageSize', request.query.pageSize);
-                }
-                return url.pathname + url.search;
-            };
-            if (data.pages > data.page + 1) {
-                nextPage = getPagingUrl(data.page + 2);
-            }
-            if (data.page > 0) {
-                prevPage = getPagingUrl(data.page);
-            }
-            let newLink = new URL('/admin/templates/new', 'http://localhost');
-            if (request.query.account) {
-                newLink.searchParams.append('account', request.query.account);
-            }
-            return h.view(
-                'templates/index',
-                {
-                    pageTitle: 'Templates',
-                    menuTemplates: true,
-                    account: data.account,
-                    newLink: newLink.pathname + newLink.search,
-                    showPaging: data.pages > 1,
-                    nextPage,
-                    prevPage,
-                    firstPage: data.page === 0,
-                    pageLinks: new Array(data.pages || 1).fill(0).map((z, i) => ({
-                        url: getPagingUrl(i + 1),
-                        title: i + 1,
-                        active: i === data.page
-                    })),
-                    templates: data.templates
-                },
-                {
-                    layout: 'app'
-                }
-            );
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h /*, err*/) {
-                    return h.redirect('/admin/templates').takeover();
-                },
-                query: Joi.object({
-                    account: accountIdSchema.default(null),
-                    page: Joi.number().integer().min(1).max(1000000).default(1),
-                    pageSize: Joi.number().integer().min(1).max(250).default(DEFAULT_PAGE_SIZE)
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'GET',
-        path: '/admin/templates/template/{template}',
-        async handler(request, h) {
-            let template = await templates.get(request.params.template);
-            if (!template) {
-                let error = Boom.boomify(new Error('Template not found.'), { statusCode: 404 });
-                throw error;
-            }
-            let account;
-            if (template.account) {
-                let accountObject = new Account({ redis, account: template.account });
-                account = await accountObject.loadAccountData();
-            }
-            let accountTemplatesLink = new URL('/admin/templates', 'http://localhost');
-            if (account) {
-                accountTemplatesLink.searchParams.append('account', account.account);
-            }
-            return h.view(
-                'templates/template',
-                {
-                    pageTitle: 'Templates',
-                    menuTemplates: true,
-                    account,
-                    accountTemplatesLink: accountTemplatesLink.pathname + accountTemplatesLink.search,
-                    format: CODE_FORMATS.find(entry => entry.format === template.format),
-                    template
-                },
-                {
-                    layout: 'app'
-                }
-            );
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h /*, err*/) {
-                    return h.redirect('/admin/templates').takeover();
-                },
-                params: Joi.object({
-                    template: Joi.string()
-                        .base64({ paddingRequired: false, urlSafe: true })
-                        .max(512)
-                        .example('AAAAAQAACnA')
-                        .required()
-                        .description('Template ID')
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'GET',
-        path: '/admin/templates/template/{template}/edit',
-        async handler(request, h) {
-            let template = await templates.get(request.params.template);
-            if (!template) {
-                let error = Boom.boomify(new Error('Template not found.'), { statusCode: 404 });
-                throw error;
-            }
-            let account;
-            if (template.account) {
-                let accountObject = new Account({ redis, account: template.account });
-                account = await accountObject.loadAccountData();
-            }
-            let accountTemplatesLink = new URL('/admin/templates', 'http://localhost');
-            if (account) {
-                accountTemplatesLink.searchParams.append('account', account.account);
-            }
-            const values = {
-                template: template.id,
-                name: template.name,
-                description: template.description,
-                subject: template.content.subject,
-                format: template.format,
-                previewText: template.content.previewText
-            };
-            return h.view(
-                'templates/edit',
-                {
-                    pageTitle: 'Templates',
-                    menuTemplates: true,
-                    account,
-                    accountTemplatesLink: accountTemplatesLink.pathname + accountTemplatesLink.search,
-                    template,
-                    formats: CODE_FORMATS.map(format => Object.assign({ selected: format.format === values.format }, format)),
-                    values,
-                    contentHtmlJson: JSON.stringify(template.content.html || ''),
-                    contentTextJson: JSON.stringify(template.content.text || '')
-                },
-                {
-                    layout: 'app'
-                }
-            );
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h /*, err*/) {
-                    return h.redirect('/admin/templates').takeover();
-                },
-                params: Joi.object({
-                    template: Joi.string()
-                        .base64({ paddingRequired: false, urlSafe: true })
-                        .max(512)
-                        .example('AAAAAQAACnA')
-                        .required()
-                        .description('Template ID')
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'POST',
-        path: '/admin/templates/edit',
-        async handler(request, h) {
-            try {
-                await templates.update(
-                    request.payload.template,
-                    {
-                        name: request.payload.name,
-                        description: request.payload.description,
-                        format: request.payload.format
-                    },
-                    {
-                        subject: request.payload.subject,
-                        html: request.payload.contentHtml,
-                        text: request.payload.contentText,
-                        previewText: request.payload.previewText
-                    }
-                );
-                await request.flash({ type: 'info', message: `Template settings were updated` });
-                return h.redirect(`/admin/templates/template/${request.payload.template}`);
-            } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update template` });
-                request.logger.error({ msg: 'Failed to update template', err });
-                let template = await templates.get(request.payload.template);
-                if (!template) {
-                    let error = Boom.boomify(new Error('Template not found.'), { statusCode: 404 });
-                    throw error;
-                }
-                let account;
-                if (template.account) {
-                    let accountObject = new Account({ redis, account: template.account });
-                    account = await accountObject.loadAccountData();
-                }
-                let accountTemplatesLink = new URL('/admin/templates', 'http://localhost');
-                if (account) {
-                    accountTemplatesLink.searchParams.append('account', account.account);
-                }
-                return h.view(
-                    'templates/edit',
-                    {
-                        pageTitle: 'Templates',
-                        menuTemplates: true,
-                        account,
-                        accountTemplatesLink: accountTemplatesLink.pathname + accountTemplatesLink.search,
-                        template,
-                        formats: CODE_FORMATS.map(format => Object.assign({ selected: format.format === request.payload.format }, format)),
-                        errors: err.details,
-                        contentHtmlJson: JSON.stringify(request.payload.contentHtml || ''),
-                        contentTextJson: JSON.stringify(request.payload.contentText || '')
-                    },
-                    {
-                        layout: 'app'
-                    }
-                );
-            }
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h, err) {
-                    let errors = {};
-                    if (err.details) {
-                        err.details.forEach(detail => {
-                            if (!errors[detail.path]) {
-                                errors[detail.path] = detail.message;
-                            }
-                        });
-                    }
-                    await request.flash({ type: 'danger', message: `Failed to update template` });
-                    request.logger.error({ msg: 'Failed to update template', err });
-                    let template = await templates.get(request.payload.template);
-                    if (!template) {
-                        let error = Boom.boomify(new Error('Template not found.'), { statusCode: 404 });
-                        throw error;
-                    }
-                    let account;
-                    if (template.account) {
-                        let accountObject = new Account({ redis, account: template.account });
-                        account = await accountObject.loadAccountData();
-                    }
-                    let accountTemplatesLink = new URL('/admin/templates', 'http://localhost');
-                    if (account) {
-                        accountTemplatesLink.searchParams.append('account', account.account);
-                    }
-                    return h
-                        .view(
-                            'templates/edit',
-                            {
-                                pageTitle: 'Templates',
-                                menuTemplates: true,
-                                account,
-                                accountTemplatesLink: accountTemplatesLink.pathname + accountTemplatesLink.search,
-                                template,
-                                formats: CODE_FORMATS.map(format => Object.assign({ selected: format.format === request.payload.format }, format)),
-                                errors,
-                                contentHtmlJson: JSON.stringify(request.payload.contentHtml || ''),
-                                contentTextJson: JSON.stringify(request.payload.contentText || '')
-                            },
-                            {
-                                layout: 'app'
-                            }
-                        )
-                        .takeover();
-                },
-                payload: Joi.object({
-                    template: Joi.string()
-                        .base64({ paddingRequired: false, urlSafe: true })
-                        .max(512)
-                        .example('AAAAAQAACnA')
-                        .required()
-                        .description('Template ID'),
-                    name: Joi.string().max(256).example('Transaction receipt').description('Name of the template').label('TemplateName').required(),
-                    description: Joi.string()
-                        .allow('')
-                        .max(1024)
-                        .example('Something about the template')
-                        .description('Optional description of the template')
-                        .label('TemplateDescription'),
-                    format: Joi.string().valid('html', 'markdown').default('html').description('Markup language for HTML ("html" or "markdown")'),
-                    subject: templateSchemas.subject,
-                    contentText: templateSchemas.text,
-                    contentHtml: templateSchemas.html,
-                    previewText: templateSchemas.previewText
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'GET',
-        path: '/admin/templates/new',
-        async handler(request, h) {
-            let account;
-            if (request.query.account) {
-                let accountObject = new Account({ redis, account: request.query.account });
-                account = await accountObject.loadAccountData();
-            }
-            let accountTemplatesLink = new URL('/admin/templates', 'http://localhost');
-            if (account) {
-                accountTemplatesLink.searchParams.append('account', account.account);
-            }
-            const values = {
-                account: request.query.account,
-                name: '',
-                description: '',
-                subject: '',
-                format: 'html',
-                contentHtml: '',
-                contentText: '',
-                previewText: ''
-            };
-            return h.view(
-                'templates/new',
-                {
-                    pageTitle: 'Templates',
-                    menuTemplates: true,
-                    account,
-                    accountTemplatesLink: accountTemplatesLink.pathname + accountTemplatesLink.search,
-                    formats: CODE_FORMATS.map(format => Object.assign({ selected: format.format === values.format }, format)),
-                    values,
-                    contentHtmlJson: JSON.stringify(''),
-                    contentTextJson: JSON.stringify('')
-                },
-                {
-                    layout: 'app'
-                }
-            );
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h /*, err*/) {
-                    return h.redirect('/admin/templates').takeover();
-                },
-                query: Joi.object({
-                    account: accountIdSchema.default(null)
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'POST',
-        path: '/admin/templates/new',
-        async handler(request, h) {
-            try {
-                let createRequest = await templates.create(
-                    request.payload.account,
-                    {
-                        name: request.payload.name,
-                        description: request.payload.description,
-                        format: request.payload.format
-                    },
-                    {
-                        subject: request.payload.subject,
-                        html: request.payload.contentHtml,
-                        text: request.payload.contentText,
-                        previewText: request.payload.previewText
-                    }
-                );
-                await request.flash({ type: 'info', message: `Template was created` });
-                return h.redirect(`/admin/templates/template/${createRequest.id}`);
-            } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to create template` });
-                request.logger.error({ msg: 'Failed to create template', err });
-                let account;
-                if (request.payload.account) {
-                    let accountObject = new Account({ redis, account: request.payload.account });
-                    account = await accountObject.loadAccountData();
-                }
-                let accountTemplatesLink = new URL('/admin/templates', 'http://localhost');
-                if (account) {
-                    accountTemplatesLink.searchParams.append('account', account.account);
-                }
-                return h.view(
-                    'templates/new',
-                    {
-                        pageTitle: 'Templates',
-                        menuTemplates: true,
-                        account,
-                        accountTemplatesLink: accountTemplatesLink.pathname + accountTemplatesLink.search,
-                        formats: CODE_FORMATS.map(format => Object.assign({ selected: format.format === request.payload.format }, format)),
-                        errors: err.details,
-                        contentHtmlJson: JSON.stringify(request.payload.contentHtml || ''),
-                        contentTextJson: JSON.stringify(request.payload.contentText || '')
-                    },
-                    {
-                        layout: 'app'
-                    }
-                );
-            }
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h, err) {
-                    let errors = {};
-                    if (err.details) {
-                        err.details.forEach(detail => {
-                            if (!errors[detail.path]) {
-                                errors[detail.path] = detail.message;
-                            }
-                        });
-                    }
-                    await request.flash({ type: 'danger', message: `Failed to create template` });
-                    request.logger.error({ msg: 'Failed to create template', err });
-                    let account;
-                    if (request.payload.account) {
-                        let accountObject = new Account({ redis, account: request.payload.account });
-                        account = await accountObject.loadAccountData();
-                    }
-                    let accountTemplatesLink = new URL('/admin/templates', 'http://localhost');
-                    if (account) {
-                        accountTemplatesLink.searchParams.append('account', account.account);
-                    }
-                    return h
-                        .view(
-                            'templates/new',
-                            {
-                                pageTitle: 'Templates',
-                                menuTemplates: true,
-                                account,
-                                accountTemplatesLink: accountTemplatesLink.pathname + accountTemplatesLink.search,
-                                formats: CODE_FORMATS.map(format => Object.assign({ selected: format.format === request.payload.format }, format)),
-                                errors,
-                                contentHtmlJson: JSON.stringify(request.payload.contentHtml || ''),
-                                contentTextJson: JSON.stringify(request.payload.contentText || '')
-                            },
-                            {
-                                layout: 'app'
-                            }
-                        )
-                        .takeover();
-                },
-                payload: Joi.object({
-                    account: accountIdSchema.default(null),
-                    name: Joi.string().max(256).example('Transaction receipt').description('Name of the template').label('TemplateName').required(),
-                    description: Joi.string()
-                        .allow('')
-                        .max(1024)
-                        .example('Something about the template')
-                        .description('Optional description of the template')
-                        .label('TemplateDescription'),
-                    format: Joi.string().valid('html', 'markdown').default('html').description('Markup language for HTML ("html" or "markdown")'),
-                    subject: templateSchemas.subject,
-                    contentText: templateSchemas.text,
-                    contentHtml: templateSchemas.html,
-                    previewText: templateSchemas.previewText
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'POST',
-        path: '/admin/templates/delete',
-        async handler(request, h) {
-            try {
-                let templateResponse = await templates.del(request.payload.template);
-                await request.flash({ type: 'info', message: `Template was deleted` });
-                let accountTemplatesLink = new URL('/admin/templates', 'http://localhost');
-                if (templateResponse && templateResponse.account) {
-                    accountTemplatesLink.searchParams.append('account', templateResponse.account);
-                }
-                return h.redirect(accountTemplatesLink.pathname + accountTemplatesLink.search);
-            } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to delete the template` });
-                request.logger.error({ msg: 'Failed to delete the template', err, template: request.payload.template, remoteAddress: request.app.ip });
-                return h.redirect(`/admin/templates/template/${request.payload.template}`);
-            }
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h, err) {
-                    await request.flash({ type: 'danger', message: `Failed to delete the account` });
-                    request.logger.error({ msg: 'Failed to delete delete the account', err });
-                    return h.redirect('/admin/templates').takeover();
-                },
-                payload: Joi.object({
-                    template: Joi.string()
-                        .base64({ paddingRequired: false, urlSafe: true })
-                        .max(512)
-                        .example('AAAAAQAACnA')
-                        .required()
-                        .description('Template ID')
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'POST',
-        path: '/admin/templates/test',
-        async handler(request) {
-            try {
-                request.logger.info({ msg: 'Trying to send test message', payload: request.payload });
-                let template = await templates.get(request.payload.template);
-                if (!template) {
-                    return {
-                        error: 'Template was not found'
-                    };
-                }
-                let accountId = template.account || request.payload.account;
-                if (!accountId) {
-                    return { error: 'Account ID not provided' };
-                }
-                let accountObject = new Account({ redis, account: accountId, call, secret: await getSecret() });
-                let account;
-                try {
-                    account = await accountObject.loadAccountData();
-                } catch (err) {
-                    return {
-                        error: err.message
-                    };
-                }
-                try {
-                    return await accountObject.queueMessage(
-                        {
-                            account: account.account,
-                            template: template.id,
-                            from: {
-                                name: account.name,
-                                address: account.email
-                            },
-                            to: [{ name: '', address: request.payload.to }],
-                            render: {
-                                params: request.payload.params || {}
-                            },
-                            copy: false,
-                            deliveryAttempts: 0
-                        },
-                        { source: 'ui' }
-                    );
-                } catch (err) {
-                    return {
-                        error: err.message
-                    };
-                }
-            } catch (err) {
-                request.logger.error({ msg: 'Failed sending test message', err });
-                return {
-                    success: false,
-                    error: err.message
-                };
-            }
-        },
-        options: {
-            tags: ['test'],
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                failAction,
-                payload: Joi.object({
-                    account: accountIdSchema.default(null),
-                    template: Joi.string()
-                        .base64({ paddingRequired: false, urlSafe: true })
-                        .max(512)
-                        .example('AAAAAQAACnA')
-                        .required()
-                        .description('Template ID'),
-                    to: Joi.string().email().required().description('Recipient address'),
-                    params: Joi.object().description('Optional handlebars values').unknown()
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'GET',
-        path: '/admin/gateways',
-        async handler(request, h) {
-            let gatewayObject = new Gateway({ redis });
-            let gateways = await gatewayObject.listGateways(request.query.page - 1, request.query.pageSize);
-            if (gateways.pages < request.query.page) {
-                request.query.page = gateways.pages;
-            }
-            let nextPage = false;
-            let prevPage = false;
-            let getPagingUrl = page => {
-                let url = new URL(`admin/gateways`, 'http://localhost');
-                url.searchParams.append('page', page);
-                if (request.query.pageSize !== DEFAULT_PAGE_SIZE) {
-                    url.searchParams.append('pageSize', request.query.pageSize);
-                }
-                return url.pathname + url.search;
-            };
-            if (gateways.pages > gateways.page + 1) {
-                nextPage = getPagingUrl(gateways.page + 2);
-            }
-            if (gateways.page > 0) {
-                prevPage = getPagingUrl(gateways.page);
-            }
-            return h.view(
-                'gateways/index',
-                {
-                    pageTitle: 'Email Gateways',
-                    menuGateways: true,
-                    showPaging: gateways.pages > 1,
-                    nextPage,
-                    prevPage,
-                    firstPage: gateways.page === 0,
-                    pageLinks: new Array(gateways.pages || 1).fill(0).map((z, i) => ({
-                        url: getPagingUrl(i + 1),
-                        title: i + 1,
-                        active: i === gateways.page
-                    })),
-                    gateways: gateways.gateways.map(entry => {
-                        let label = {};
-                        if (entry.deliveries && !entry.lastError) {
-                            label.type = 'success';
-                            label.name = 'Connected';
-                        } else if (entry.lastError) {
-                            label.type = 'danger';
-                            label.name = 'Error';
-                            label.error = entry.lastError.response;
-                        } else {
-                            label.type = 'info';
-                            label.name = 'Not used';
-                        }
-                        return Object.assign(entry, {
-                            timeStr: entry.lastUse ? entry.lastUse.toISOString() : null,
-                            label
-                        });
-                    })
-                },
-                {
-                    layout: 'app'
-                }
-            );
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h /*, err*/) {
-                    return h.redirect('/admin/gateways').takeover();
-                },
-                query: Joi.object({
-                    page: Joi.number().integer().min(1).max(1000000).default(1),
-                    pageSize: Joi.number().integer().min(1).max(250).default(DEFAULT_PAGE_SIZE)
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'GET',
-        path: '/admin/gateways/new',
-        async handler(request, h) {
-            return h.view(
-                'gateways/new',
-                {
-                    pageTitle: 'Email Gateways',
-                    menuGateways: true,
-                    wellKnownServices: JSON.stringify(Object.keys(wellKnownServices).map(key => Object.assign({ key }, wellKnownServices[key])))
-                },
-                {
-                    layout: 'app'
-                }
-            );
-        }
-    });
-    server.route({
-        method: 'GET',
-        path: '/admin/gateways/gateway/{gateway}',
-        async handler(request, h) {
-            let gatewayObject = new Gateway({ gateway: request.params.gateway, redis, secret: await getSecret() });
-            let gatewayData = await gatewayObject.loadGatewayData();
-            let label = {};
-            if (gatewayData.deliveries && !gatewayData.lastError) {
-                label.type = 'success';
-                label.name = 'Connected';
-            } else if (gatewayData.lastError) {
-                label.type = 'danger';
-                label.name = 'Error';
-                label.error = gatewayData.lastError.response;
-            } else {
-                label.type = 'info';
-                label.name = 'Not used';
-            }
-            return h.view(
-                'gateways/gateway',
-                {
-                    pageTitle: 'Email Gateways',
-                    menuGateways: true,
-                    wellKnownServices: JSON.stringify(Object.keys(wellKnownServices).map(key => Object.assign({ key }, wellKnownServices[key]))),
-                    gateway: gatewayData,
-                    label
-                },
-                {
-                    layout: 'app'
-                }
-            );
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h, err) {
-                    await request.flash({ type: 'danger', message: `Invalid gateway request: ${err.message}` });
-                    return h.redirect('/admin/gateways').takeover();
-                },
-                params: Joi.object({
-                    gateway: Joi.string().max(256).required().example('sendgun').description('Gateway ID')
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'GET',
-        path: '/admin/gateways/edit/{gateway}',
-        async handler(request, h) {
-            let gatewayObject = new Gateway({ gateway: request.params.gateway, redis, secret: await getSecret() });
-            let gatewayData = await gatewayObject.loadGatewayData();
-            let hasSMTPPass = !!gatewayData.pass;
-            delete gatewayData.pass;
-            return h.view(
-                'gateways/edit',
-                {
-                    pageTitle: 'Email Gateways',
-                    menuGateways: true,
-                    wellKnownServices: JSON.stringify(Object.keys(wellKnownServices).map(key => Object.assign({ key }, wellKnownServices[key]))),
-                    values: gatewayData,
-                    gatewayData,
-                    hasSMTPPass
-                },
-                {
-                    layout: 'app'
-                }
-            );
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h, err) {
-                    await request.flash({ type: 'danger', message: `Invalid gateway request: ${err.message}` });
-                    return h.redirect('/admin/gateways').takeover();
-                },
-                params: Joi.object({
-                    gateway: Joi.string().max(256).required().example('sendgun').description('Gateway ID')
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'POST',
-        path: '/admin/gateways/new',
-        async handler(request, h) {
-            try {
-                let gatewayData = {
-                    gateway: request.payload.gateway || null,
-                    name: request.payload.name || null,
-                    host: request.payload.host || null,
-                    port: request.payload.port || null,
-                    secure: request.payload.secure || null,
-                    user: request.payload.user || null,
-                    pass: request.payload.pass || null,
-                    tls: {}
-                };
-                let gatewayObject = new Gateway({ redis, secret: await getSecret() });
-                let result = await gatewayObject.create(gatewayData);
-                if (result.state === 'new') {
-                    await request.flash({ type: 'success', message: `Added new SMTP gateway`, result });
-                } else {
-                    await request.flash({ type: 'success', message: `Updated SMTP gateway`, result });
-                }
-                return h.redirect(`/admin/gateways/gateway/${encodeURIComponent(result.gateway)}?state=${result.state}`);
-            } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to add new gateway` });
-                request.logger.error({ msg: 'Failed to add new gateway', err });
-                return h.view(
-                    'gateways/new',
-                    {
-                        pageTitle: 'Email Gateways',
-                        menuGateways: true,
-                        wellKnownServices: JSON.stringify(Object.keys(wellKnownServices).map(key => Object.assign({ key }, wellKnownServices[key])))
-                    },
-                    {
-                        layout: 'app'
-                    }
-                );
-            }
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h, err) {
-                    let errors = {};
-                    if (err.details) {
-                        err.details.forEach(detail => {
-                            if (!errors[detail.path]) {
-                                errors[detail.path] = detail.message;
-                            }
-                        });
-                    }
-                    await request.flash({ type: 'danger', message: `Failed to add new gateway` });
-                    request.logger.error({ msg: 'Failed to add new gateway', err });
-                    return h
-                        .view(
-                            'gateways/new',
-                            {
-                                pageTitle: 'Email Gateways',
-                                menuGateways: true,
-                                wellKnownServices: JSON.stringify(Object.keys(wellKnownServices).map(key => Object.assign({ key }, wellKnownServices[key]))),
-                                errors
-                            },
-                            {
-                                layout: 'app'
-                            }
-                        )
-                        .takeover();
-                },
-                payload: Joi.object({
-                    gateway: Joi.string().empty('').trim().max(256).default(null).example('sendgun').description('Gateway ID').label('Gateway ID'),
-                    name: Joi.string().empty('').max(256).example('John Smith').description('Account Name').label('Gateway Name').required(),
-                    user: Joi.string().empty('').trim().max(1024).default(null).label('UserName'),
-                    pass: Joi.string().empty('').max(1024).default(null).label('Password'),
-                    host: Joi.string().hostname().example('smtp.gmail.com').description('Hostname to connect to').label('Hostname').required(),
-                    port: Joi.number()
-                        .integer()
-                        .min(1)
-                        .max(64 * 1024)
-                        .example(465)
-                        .description('Service port number')
-                        .label('Port')
-                        .required(),
-                    secure: Joi.boolean()
-                        .truthy('Y', 'true', '1', 'on')
-                        .falsy('N', 'false', 0, '')
-                        .default(false)
-                        .example(true)
-                        .description('Should connection use TLS. Usually true for port 465')
-                        .label('TLS')
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'POST',
-        path: '/admin/gateways/edit',
-        async handler(request, h) {
-            try {
-                let gatewayData = {
-                    gateway: request.payload.gateway || null,
-                    name: request.payload.name || null,
-                    host: request.payload.host || null,
-                    port: request.payload.port || null,
-                    secure: request.payload.secure || null,
-                    user: request.payload.user || null
-                };
-                if (request.payload.pass) {
-                    gatewayData.pass = request.payload.pass;
-                }
-                if (!request.payload.user && !request.payload.pass) {
-                    gatewayData.pass = null;
-                }
-                let gatewayObject = new Gateway({ gateway: request.payload.gateway, redis, secret: await getSecret() });
-                let result = await gatewayObject.update(gatewayData);
-                await request.flash({ type: 'success', message: `Updated SMTP gateway`, result });
-                return h.redirect(`/admin/gateways/gateway/${encodeURIComponent(result.gateway)}`);
-            } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update gateway` });
-                request.logger.error({ msg: 'Failed to update gateway', err });
-                let gatewayObject = new Gateway({ gateway: request.payload.gateway, redis, secret: await getSecret() });
-                let gatewayData = await gatewayObject.loadGatewayData();
-                let hasSMTPPass = !!gatewayData.pass;
-                return h.view(
-                    'gateways/edit',
-                    {
-                        pageTitle: 'Email Gateways',
-                        menuGateways: true,
-                        wellKnownServices: JSON.stringify(Object.keys(wellKnownServices).map(key => Object.assign({ key }, wellKnownServices[key]))),
-                        hasSMTPPass,
-                        gatewayData
-                    },
-                    {
-                        layout: 'app'
-                    }
-                );
-            }
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h, err) {
-                    let errors = {};
-                    if (err.details) {
-                        err.details.forEach(detail => {
-                            if (!errors[detail.path]) {
-                                errors[detail.path] = detail.message;
-                            }
-                        });
-                    }
-                    await request.flash({ type: 'danger', message: `Failed to update gateway` });
-                    request.logger.error({ msg: 'Failed to update gateway', err });
-                    let gatewayObject = new Gateway({ gateway: request.payload.gateway, redis, secret: await getSecret() });
-                    let gatewayData = await gatewayObject.loadGatewayData();
-                    let hasSMTPPass = !!gatewayData.pass;
-                    return h
-                        .view(
-                            'gateways/edit',
-                            {
-                                pageTitle: 'Email Gateways',
-                                menuGateways: true,
-                                wellKnownServices: JSON.stringify(Object.keys(wellKnownServices).map(key => Object.assign({ key }, wellKnownServices[key]))),
-                                hasSMTPPass,
-                                gatewayData,
-                                errors
-                            },
-                            {
-                                layout: 'app'
-                            }
-                        )
-                        .takeover();
-                },
-                payload: Joi.object({
-                    gateway: Joi.string().empty('').trim().max(256).default(null).example('sendgun').description('Gateway ID').label('Gateway ID').required(),
-                    name: Joi.string().empty('').max(256).example('John Smith').description('Account Name').label('Gateway Name').required(),
-                    user: Joi.string().empty('').trim().max(1024).default(null).label('UserName'),
-                    pass: Joi.string().empty('').max(1024).default(null).label('Password'),
-                    host: Joi.string().hostname().example('smtp.gmail.com').description('Hostname to connect to').label('Hostname').required(),
-                    port: Joi.number()
-                        .integer()
-                        .min(1)
-                        .max(64 * 1024)
-                        .example(465)
-                        .description('Service port number')
-                        .label('Port')
-                        .required(),
-                    secure: Joi.boolean()
-                        .truthy('Y', 'true', '1', 'on')
-                        .falsy('N', 'false', 0, '')
-                        .default(false)
-                        .example(true)
-                        .description('Should connection use TLS. Usually true for port 465')
-                        .label('TLS')
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'POST',
-        path: '/admin/gateways/test',
-        async handler(request) {
-            let { gateway, host, port, user, pass, secure } = request.payload;
-            try {
-                if (user && !pass && gateway) {
-                    let gatewayObject = new Gateway({ gateway, redis, secret: await getSecret() });
-                    try {
-                        let gatewayData = await gatewayObject.loadGatewayData();
-                        if (gatewayData) {
-                            pass = gatewayData.pass || '';
-                        }
-                    } catch (err) {
-                        // ignore
-                    }
-                }
-                let accountData = {
-                    smtp: {
-                        host,
-                        port,
-                        secure,
-                        auth:
-                            user || pass
-                                ? {
-                                      user,
-                                      pass: pass || ''
-                                  }
-                                : false
-                    }
-                };
-                let verifyResult = await verifyAccountInfo(redis, accountData, request.logger.child({ gateway, action: 'verify-gateway' }));
-                if (verifyResult) {
-                    if (verifyResult.smtp && verifyResult.smtp.error && verifyResult.smtp.code) {
-                        switch (verifyResult.smtp.code) {
-                            case 'EDNS':
-                                verifyResult.smtp.error = request.app.gt.gettext('Server hostname was not found');
-                                break;
-                            case 'EAUTH':
-                                verifyResult.smtp.error = request.app.gt.gettext('Invalid username or password');
-                                break;
-                            case 'ESOCKET':
-                                if (/openssl/.test(verifyResult.smtp.error)) {
-                                    verifyResult.smtp.error = request.app.gt.gettext('TLS protocol error');
-                                }
-                                break;
-                        }
-                    }
-                }
-                return verifyResult.smtp;
-            } catch (err) {
-                request.logger.error({ msg: 'Failed posting request', host, port, user, pass: !!pass, err });
-                return {
-                    success: false,
-                    error: err.message
-                };
-            }
-        },
-        options: {
-            tags: ['test'],
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                failAction,
-                payload: Joi.object({
-                    gateway: Joi.string().empty('').trim().max(256).example('sendgun').description('Gateway ID'),
-                    user: Joi.string().empty('').trim().max(1024).label('UserName'),
-                    pass: Joi.string().empty('').max(1024).label('Password'),
-                    host: Joi.string().hostname().example('smtp.gmail.com').description('Hostname to connect to').label('Hostname'),
-                    port: Joi.number()
-                        .integer()
-                        .min(1)
-                        .max(64 * 1024)
-                        .example(465)
-                        .description('Service port number')
-                        .label('Port'),
-                    secure: Joi.boolean()
-                        .truthy('Y', 'true', '1', 'on')
-                        .falsy('N', 'false', 0, '')
-                        .default(false)
-                        .example(true)
-                        .description('Should connection use TLS. Usually true for port 465')
-                        .label('TLS')
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'POST',
-        path: '/admin/gateways/delete/{gateway}',
-        async handler(request, h) {
-            try {
-                let gatewayObject = new Gateway({ redis, gateway: request.params.gateway, secret: await getSecret() });
-                let deleted = await gatewayObject.delete();
-                if (deleted) {
-                    await request.flash({ type: 'info', message: `Gateway was deleted` });
-                }
-                return h.redirect('/admin/gateways');
-            } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to delete the gateway` });
-                request.logger.error({ msg: 'Failed to delete the gateway', err, gateway: request.payload.gateway, remoteAddress: request.app.ip });
-                return h.redirect(`/admin/gateways/${request.params.gateway}`);
-            }
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                async failAction(request, h, err) {
-                    await request.flash({ type: 'danger', message: `Failed to delete the gateway` });
-                    request.logger.error({ msg: 'Failed to delete delete the gateway', err });
-                    return h.redirect('/admin/gateways').takeover();
-                },
-                params: Joi.object({
-                    gateway: Joi.string().max(256).required().example('sendgun').description('Gateway ID')
-                })
-            }
-        }
-    });
-    server.route({
-        method: 'GET',
-        path: '/admin/tokens',
-        async handler(request, h) {
-            let accountData;
-            if (request.query.account) {
-                let accountObject = new Account({ redis, account: request.query.account });
-                accountData = await accountObject.loadAccountData();
-            }
-            const data = await tokens.list(request.query.account, request.query.page - 1, request.query.pageSize);
-            data.tokens.forEach(entry => {
-                entry.access = entry.access || {};
-                entry.access.timeStr =
-                    entry.access && entry.access.time && typeof entry.access.time.toISOString === 'function' ? entry.access.time.toISOString() : null;
-                entry.scopes = entry.scopes
-                    ? entry.scopes.map((scope, i) => ({
-                          name: scope === '*' ? 'all scopes' : scope,
-                          first: !i
-                      }))
-                    : false;
-            });
-            let nextPage = false;
-            let prevPage = false;
-            let getPagingUrl = page => {
-                let url = new URL(`admin/tokens`, 'http://localhost');
-                if (page) {
-                    url.searchParams.append('page', page);
-                }
-                if (request.query.pageSize !== DEFAULT_PAGE_SIZE) {
-                    url.searchParams.append('pageSize', request.query.pageSize);
-                }
-                return url.pathname + url.search;
-            };
-            if (data.pages > data.page + 1) {
-                nextPage = getPagingUrl(data.page + 2);
-            }
-            if (data.page > 0) {
-                prevPage = getPagingUrl(data.page);
-            }
-            let newLink = new URL('/admin/tokens/new', 'http://localhost');
-            if (request.query.account) {
-                newLink.searchParams.append('account', request.query.account);
-            }
-            return h.view(
-                'tokens/index',
-                {
-                    pageTitle: 'Access Tokens',
-                    menuTokens: true,
-                    data,
-                    account: accountData,
-                    showPaging: data.pages > 1,
-                    nextPage,
-                    prevPage,
-                    firstPage: data.page === 0,
-                    pageLinks: new Array(data.pages || 1).fill(0).map((z, i) => ({
-                        url: getPagingUrl(i + 1, request.query.state, request.query.query),
-                        title: i + 1,
-                        active: i === data.page
-                    })),
+                    defaultRedirectUrl,
-                    newLink: newLink.pathname + newLink.search
-                },
-                {
-                    layout: 'app'
-                }
-            );
-        },
+                    appData,
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
+                    hasClientSecret: !!appData.clientSecret,
+                    hasServiceKey: !!appData.serviceKey,
-                async failAction(request, h /*, err*/) {
-                    return h.redirect('/admin/tokens').takeover();
-                },
+                    pubSubApps:
+                        pubSubApps &&
+                        pubSubApps.apps &&
+                        pubSubApps.apps.map(app => {
+                            if (app.id === values.pubSubApp) {
+                                app.selected = true;
+                            }
+                            return app;
+                        }),
-                query: Joi.object({
-                    account: accountIdSchema.default(null),
-                    page: Joi.number().integer().min(1).max(1000000).default(1),
-                    pageSize: Joi.number().integer().min(1).max(250).default(DEFAULT_PAGE_SIZE)
-                })
-            }
-        }
-    });
+                    values,
-    server.route({
-        method: 'GET',
-        path: '/admin/tokens/new',
-        async handler(request, h) {
-            let accountTokensLink = new URL('/admin/tokens', 'http://localhost');
+                    baseScopesApi: values.baseScopes === 'api',
+                    baseScopesImap: values.baseScopes === 'imap' || !values.baseScopes,
+                    baseScopesPubsub: values.baseScopes === 'pubsub',
-            let accountData;
-            if (request.query.account) {
-                let accountObject = new Account({ redis, account: request.query.account });
-                accountData = await accountObject.loadAccountData();
-                accountTokensLink.searchParams.append('account', request.query.account);
-            }
+                    azureClouds: structuredClone(AZURE_CLOUDS).map(entry => {
+                        entry.selected = values.cloud === entry.id;
+                        return entry;
+                    }),
-            return h.view(
-                'tokens/new',
-                {
-                    pageTitle: 'Access Tokens',
-                    menuTokens: true,
-                    values: {
-                        scopesAll: true,
-                        allAccounts: !request.query.account,
-                        account: request.query.account
-                    },
-                    account: accountData,
-                    accountTokensLink: accountTokensLink.pathname + accountTokensLink.search
+                    authorityCommon: values.authority === 'common',
+                    authorityOrganizations: values.authority === 'organizations',
+                    authorityConsumers: values.authority === 'consumers',
+                    authorityTenant: !!values.tenant
                 },
                 {
                     layout: 'app'
@@ -5270,11 +2878,11 @@ return payload;`)
                 },
                 async failAction(request, h /*, err*/) {
-                    return h.redirect('/admin/tokens').takeover();
+                    return h.redirect('/admin/config/oauth').takeover();
                 },
-                query: Joi.object({
-                    account: accountIdSchema.default(null)
+                params: Joi.object({
+                    app: Joi.string().empty('').max(255).example('gmail').label('Provider').required()
                 })
             }
         }
@@ -5282,74 +2890,99 @@ return payload;`)
     server.route({
         method: 'POST',
-        path: '/admin/tokens/new',
+        path: '/admin/config/oauth/edit',
+        async handler(request, h) {
+            let appData = await oauth2Apps.get(request.payload.app);
+            if (!appData) {
+                let error = Boom.boomify(new Error('Application was not found.'), { statusCode: 404 });
+                throw error;
+            }
-        async handler(request) {
             try {
-                let data = {
-                    ip: request.app.ip,
-                    remoteAddress: request.app.ip,
-                    description: request.payload.description,
-                    scopes: request.payload.scopes
-                };
+                let updates = Object.assign({}, request.payload);
+                updates.extraScopes = updates.extraScopes
+                    .split(/\s+/)
+                    .map(scope => scope.trim())
+                    .filter(scope => scope);
+                updates.skipScopes = updates.skipScopes
+                    .split(/\s+/)
+                    .map(scope => scope.trim())
+                    .filter(scope => scope);
-                if (request.payload.account) {
-                    let accountObject = new Account({ redis, account: request.payload.account });
-                    await accountObject.loadAccountData();
-                    data.account = request.payload.account;
+                if (updates.authority === 'tenant') {
+                    updates.authority = updates.tenant;
                 }
+                delete updates.tenant;
-                let token = await tokens.provision(data);
+                let oauth2App = await oauth2Apps.update(appData.id, updates);
+                if (!oauth2App || !oauth2App.id) {
+                    throw new Error('Unexpected result');
+                }
-                return {
-                    success: true,
-                    token
-                };
-            } catch (err) {
-                request.logger.error({ msg: 'Failed to generate token', err, remoteAddress: request.app.ip, description: request.payload.description });
-                if (Boom.isBoom(err)) {
-                    return Object.assign({ success: false }, err.output.payload);
+                if (oauth2App && oauth2App.pubsubUpdates && oauth2App.pubsubUpdates.pubSubSubscription) {
+                    await call({ cmd: 'googlePubSub', app: oauth2App.id });
                 }
-                return { success: false, error: err.code || 'Error', message: err.message };
-            }
-        },
-        options: {
-            validate: {
-                options: {
-                    stripUnknown: true,
-                    abortEarly: false,
-                    convert: true
-                },
-                failAction,
+                await request.flash({ type: 'success', message: `OAuth2 app saved` });
+                return h.redirect(`/admin/config/oauth/app/${oauth2App.id}`);
+            } catch (err) {
+                await request.flash({ type: 'danger', message: `Couldn't save OAuth2 app. Try again.` });
+                request.logger.error({ msg: 'Failed to update OAuth2 app', app: request.payload.app, err });
-                payload: Joi.object({
-                    description: Joi.string().empty('').trim().max(1024).required().example('Token description').description('Token description'),
-                    scopes: Joi.array()
-                        .items(Joi.string().valid('*', 'api', 'metrics', 'smtp', 'imap-proxy'))
-                        .required()
-                        .label('Scopes'),
-                    account: accountIdSchema.default(null)
-                })
-            }
-        }
-    });
+                let providerData = oauth2ProviderData(appData.provider, appData.cloud);
-    server.route({
-        method: 'POST',
-        path: '/admin/tokens/delete',
-        async handler(request, h) {
-            try {
-                let deleted = await tokens.delete(request.payload.token, { remoteAddress: request.app.ip });
-                if (deleted) {
-                    await request.flash({ type: 'info', message: `Access token was deleted` });
+                let serviceUrl = await settings.get('serviceUrl');
+                let defaultRedirectUrl = `${serviceUrl}/oauth`;
+                if (appData.provider === 'outlook') {
+                    defaultRedirectUrl = defaultRedirectUrl.replace(/^http:\/\/127\.0\.0\.1\b/i, 'http://localhost');
                 }
-                return h.redirect('/admin/tokens');
-            } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to delete access token` });
-                request.logger.error({ msg: 'Failed to delete access token', err, token: request.payload.token, remoteAddress: request.app.ip });
-                return h.redirect('/admin/tokens');
+                let pubSubApps = await oauth2Apps.list(0, 1000, { pubsub: true });
+                return h.view(
+                    'config/oauth/edit',
+                    {
+                        pageTitle: 'OAuth2',
+                        menuConfig: true,
+                        menuConfigOauth: true,
+                        [`active${providerData.caseName}`]: true,
+                        providerData,
+                        defaultRedirectUrl,
+                        appData,
+                        hasClientSecret: !!appData.clientSecret,
+                        hasServiceKey: !!appData.serviceKey,
+                        pubSubApps:
+                            pubSubApps &&
+                            pubSubApps.apps &&
+                            pubSubApps.apps.map(app => {
+                                if (app.id === request.payload.pubSubApp) {
+                                    app.selected = true;
+                                }
+                                return app;
+                            }),
+                        baseScopesApi: request.payload.baseScopes === 'api',
+                        baseScopesImap: request.payload.baseScopes === 'imap' || !request.payload.baseScopes,
+                        baseScopesPubsub: request.payload.baseScopes === 'pubsub',
+                        azureClouds: structuredClone(AZURE_CLOUDS).map(entry => {
+                            entry.selected = request.payload.cloud === entry.id;
+                            return entry;
+                        }),
+                        authorityCommon: request.payload.authority === 'common',
+                        authorityOrganizations: request.payload.authority === 'organizations',
+                        authorityConsumers: request.payload.authority === 'consumers',
+                        authorityTenant: request.payload.authority === 'tenant'
+                    },
+                    {
+                        layout: 'app'
+                    }
+                );
             }
         },
         options: {
@@ -5361,17 +2994,98 @@ return payload;`)
                 },
                 async failAction(request, h, err) {
-                    await request.flash({ type: 'danger', message: `Failed to delete access token` });
-                    request.logger.error({ msg: 'Failed to delete access token', err });
+                    let errors = {};
+                    if (err.details) {
+                        err.details.forEach(detail => {
+                            if (!errors[detail.path]) {
+                                errors[detail.path] = detail.message;
+                            }
+                        });
+                    }
+                    let appData = await oauth2Apps.get(request.payload.app);
+                    if (!appData) {
+                        await request.flash({ type: 'danger', message: `Application not found` });
+                        request.logger.error({ msg: 'Application was not found.', app: request.payload.app });
+                        return h.redirect('/admin').takeover();
+                    }
+                    await request.flash({ type: 'danger', message: `Couldn't save OAuth2 app. Try again.` });
+                    request.logger.error({ msg: 'Failed to update OAuth2 app', err });
+                    let { provider } = request.payload;
+                    if (!provider || !OAUTH_PROVIDERS.hasOwnProperty(provider)) {
+                        return h.redirect('/admin').takeover();
+                    }
+                    let providerData = oauth2ProviderData(provider);
+                    let serviceUrl = await settings.get('serviceUrl');
+                    let defaultRedirectUrl = `${serviceUrl}/oauth`;
+                    if (provider === 'outlook') {
+                        defaultRedirectUrl = defaultRedirectUrl.replace(/^http:\/\/127\.0\.0\.1\b/i, 'http://localhost');
+                    }
+                    let pubSubApps = await oauth2Apps.list(0, 1000, { pubsub: true });
+                    return h
+                        .view(
+                            'config/oauth/edit',
+                            {
+                                pageTitle: 'OAuth2',
+                                menuConfig: true,
+                                menuConfigOauth: true,
+                                [`active${providerData.caseName}`]: true,
+                                providerData,
+                                defaultRedirectUrl,
+                                appData,
+                                hasClientSecret: !!appData.clientSecret,
+                                hasServiceKey: !!appData.serviceKey,
+                                pubSubApps:
+                                    pubSubApps &&
+                                    pubSubApps.apps &&
+                                    pubSubApps.apps.map(app => {
+                                        if (app.id === request.payload.pubSubApp) {
+                                            app.selected = true;
+                                        }
+                                        return app;
+                                    }),
+                                baseScopesApi: request.payload.baseScopes === 'api',
+                                baseScopesImap: request.payload.baseScopes === 'imap' || !request.payload.baseScopes,
+                                baseScopesPubsub: request.payload.baseScopes === 'pubsub',
+                                azureClouds: structuredClone(AZURE_CLOUDS).map(entry => {
+                                    entry.selected = request.payload.cloud === entry.id;
+                                    return entry;
+                                }),
-                    return h.redirect('/admin/tokens').takeover();
+                                authorityCommon: request.payload.authority === 'common',
+                                authorityOrganizations: request.payload.authority === 'organizations',
+                                authorityConsumers: request.payload.authority === 'consumers',
+                                authorityTenant: request.payload.authority === 'tenant',
+                                errors
+                            },
+                            {
+                                layout: 'app'
+                            }
+                        )
+                        .takeover();
                 },
-                payload: Joi.object({ token: Joi.string().length(64).hex().required().example('123456').description('Access token') })
+                payload: Joi.object(oauthUpdateSchema)
             }
         }
     });
+    // Webhook, template, gateway, and token routes are in admin-entities-routes.js
     server.route({
         method: 'GET',
         path: '/admin/config/license',
@@ -5424,12 +3138,12 @@ return payload;`)
                 }
                 if (licenseInfo.active) {
-                    await request.flash({ type: 'info', message: `License key was successfully registered` });
+                    await request.flash({ type: 'info', message: `License activated` });
                 }
                 return h.redirect('/admin/config/license');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to register license key` });
+                await request.flash({ type: 'danger', message: `Couldn't register license. Check the key and try again.` });
                 request.logger.error({ msg: 'Failed to register license key', err });
                 return h.view(
@@ -5471,7 +3185,7 @@ return payload;`)
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to register license key` });
+                    await request.flash({ type: 'danger', message: `Couldn't register license. Check the key and try again.` });
                     request.logger.error({ msg: 'Failed to register license key', err });
                     return h
@@ -5519,12 +3233,12 @@ return payload;`)
                     err.statusCode = 403;
                     throw err;
                 } else {
-                    await request.flash({ type: 'info', message: `License key was unregistered` });
+                    await request.flash({ type: 'info', message: `License removed` });
                 }
                 return h.redirect('/admin/config/license');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to unregister license key` });
+                await request.flash({ type: 'danger', message: `Couldn't remove license. Try again.` });
                 request.logger.error({ msg: 'Failed to unregister license key', err, token: request.payload.token, remoteAddress: request.app.ip });
                 return h.redirect('/admin/config/license');
             }
@@ -5538,7 +3252,7 @@ return payload;`)
                 },
                 async failAction(request, h, err) {
-                    await request.flash({ type: 'danger', message: `Failed to unregister license key` });
+                    await request.flash({ type: 'danger', message: `Couldn't remove license. Try again.` });
                     request.logger.error({ msg: 'Failed to unregister license key', err });
                     return h.redirect('/admin/config/license').takeover();
@@ -5601,8 +3315,8 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 }
                 if (licenseInfo.active) {
-                    await request.flash({ type: 'info', message: `Trial license was activated` });
-                    return { success: true, message: `Trial license was activated` };
+                    await request.flash({ type: 'info', message: `Trial activated` });
+                    return { success: true, message: `Trial activated` };
                 }
                 throw new Error('Failed to activate provisioned trial license');
@@ -5765,7 +3479,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                     return h.redirect('/admin');
                 }
             } catch (err) {
-                await request.flash({ type: 'danger', message: err.responseText || `Failed to authenticate` });
+                await request.flash({ type: 'danger', message: err.responseText || `Sign-in failed. Check your password and try again.` });
                 request.logger.error({ msg: 'Failed to authenticate', err });
                 let errors = err.details;
@@ -5805,7 +3519,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to authenticate` });
+                    await request.flash({ type: 'danger', message: `Sign-in failed. Check your password and try again.` });
                     request.logger.error({ msg: 'Failed to authenticate', err });
                     return h
@@ -5914,7 +3628,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 let totpSeed = await settings.get('totpSeed');
                 if (!totpSeed) {
-                    await request.flash({ type: 'danger', message: `2FA setup not initiated` });
+                    await request.flash({ type: 'danger', message: `Start two-factor auth setup first` });
                     return h.redirect(`/admin/login`);
                 }
@@ -5954,7 +3668,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
             } catch (err) {
                 if (!err.details || !err.details.code) {
                     // skip error message if code is invalid
-                    await request.flash({ type: 'danger', message: err.responseText || `Failed to verify login` });
+                    await request.flash({ type: 'danger', message: err.responseText || `Verification failed. Check your code and try again.` });
                 }
                 request.logger.error({ msg: 'Failed to verify login', err });
@@ -5993,7 +3707,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to verify login` });
+                    await request.flash({ type: 'danger', message: `Verification failed. Check your code and try again.` });
                     request.logger.error({ msg: 'Failed to verify login', err });
                     return h
@@ -6112,7 +3826,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
             try {
                 let totpSeed = await settings.get('totpSeed');
                 if (!totpSeed) {
-                    await request.flash({ type: 'danger', message: `2FA setup not initiated` });
+                    await request.flash({ type: 'danger', message: `Start two-factor auth setup first` });
                     return h.redirect(`/admin/account/security`);
                 }
@@ -6124,7 +3838,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 });
                 if (!verified) {
-                    await request.flash({ type: 'danger', message: `TOTP code verification failed` });
+                    await request.flash({ type: 'danger', message: `Invalid verification code` });
                     return h.redirect(`/admin/account/security`);
                 }
@@ -6140,10 +3854,10 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                     }
                 }
-                await request.flash({ type: 'success', message: `Two-factor authentication was enabled` });
+                await request.flash({ type: 'success', message: `Two-factor auth enabled` });
                 return h.redirect(`/admin/account/security`);
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to enable 2FA` });
+                await request.flash({ type: 'danger', message: `Couldn't enable two-factor auth. Try again.` });
                 request.logger.error({ msg: 'Failed to enable 2FA', err, remoteAddress: request.app.ip });
                 return h.redirect(`/admin/account/security`);
             }
@@ -6157,7 +3871,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 },
                 async failAction(request, h, err) {
-                    await request.flash({ type: 'danger', message: `Failed to enable 2FA` });
+                    await request.flash({ type: 'danger', message: `Couldn't enable two-factor auth. Try again.` });
                     request.logger.error({ msg: 'Failed to enable 2FA', err });
                     return h.redirect('/admin').takeover();
@@ -6183,10 +3897,10 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 await settings.set('totpEnabled', false);
                 await settings.set('totpSeed', false);
-                await request.flash({ type: 'info', message: `Two-factor authentication was disabled` });
+                await request.flash({ type: 'info', message: `Two-factor auth disabled` });
                 return h.redirect(`/admin/account/security`);
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to disable 2FA` });
+                await request.flash({ type: 'danger', message: `Couldn't disable two-factor auth. Try again.` });
                 request.logger.error({ msg: 'Failed to enable 2FA', err, remoteAddress: request.app.ip });
                 return h.redirect(`/admin/account/security`);
             }
@@ -6200,7 +3914,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 },
                 async failAction(request, h, err) {
-                    await request.flash({ type: 'danger', message: `Failed to disable 2FA` });
+                    await request.flash({ type: 'danger', message: `Couldn't disable two-factor auth. Try again.` });
                     request.logger.error({ msg: 'Failed to disable 2FA', err });
                     return h.redirect('/admin').takeover();
@@ -6233,7 +3947,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 await request.flash({ type: 'info', message: `User logged out` });
                 return h.redirect('/');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to log out user sessions` });
+                await request.flash({ type: 'danger', message: `Couldn't log out sessions. Try again.` });
                 request.logger.error({ msg: 'Failed to log out user sessions', err, remoteAddress: request.app.ip });
                 return h.redirect(`/admin/account/security`);
             }
@@ -6247,7 +3961,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 },
                 async failAction(request, h, err) {
-                    await request.flash({ type: 'danger', message: `Failed to log out user sessions` });
+                    await request.flash({ type: 'danger', message: `Couldn't log out sessions. Try again.` });
                     request.logger.error({ msg: 'Failed to log out user sessions', err });
                     return h.redirect('/admin').takeover();
@@ -6336,16 +4050,16 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 }
                 if (!hasExistingPassword) {
-                    await request.flash({ type: 'info', message: `Authentication password set` });
+                    await request.flash({ type: 'info', message: `Password saved` });
                     return h.redirect('/admin');
                 }
-                await request.flash({ type: 'info', message: `Authentication password updated` });
+                await request.flash({ type: 'info', message: `Password updated` });
                 return h.redirect('/admin/account/password');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update password` });
+                await request.flash({ type: 'danger', message: `Couldn't update password. Try again.` });
                 request.logger.error({ msg: 'Failed to update password', err });
                 let username = (request.auth && request.auth.credentials && request.auth.credentials.user) || 'admin';
@@ -6386,7 +4100,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to update account password` });
+                    await request.flash({ type: 'danger', message: `Couldn't update password. Try again.` });
                     request.logger.error({ msg: 'Failed to update account password', err });
                     let username = (request.auth && request.auth.credentials && request.auth.credentials.user) || 'admin';
@@ -6705,12 +4419,8 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
             const nonce = data.n || crypto.randomBytes(NONCE_BYTES).toString('base64url');
-            // store account data
-            await redis
-                .multi()
-                .set(`${REDIS_PREFIX}account:add:${nonce}`, JSON.stringify(accountData))
-                .expire(`${REDIS_PREFIX}account:add:${nonce}`, Math.floor(MAX_FORM_TTL / 1000))
-                .exec();
+            // store account data with atomic SET + EX
+            await redis.set(`${REDIS_PREFIX}account:add:${nonce}`, JSON.stringify(accountData), 'EX', Math.floor(MAX_FORM_TTL / 1000));
             // Generate the url that will be used for the consent dialog.
@@ -6790,7 +4500,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 async failAction(request, h, err) {
                     request.logger.error({ msg: 'Failed to validate request arguments', err });
-                    let error = Boom.boomify(new Error(request.app.gt.gettext('Failed to validate request arguments')), { statusCode: 400 });
+                    let error = Boom.boomify(new Error(request.app.gt.gettext('Invalid request. Check your input and try again.')), { statusCode: 400 });
                     if (err.code) {
                         error.output.payload.code = err.code;
                     }
@@ -6823,7 +4533,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 async failAction(request, h, err) {
                     request.logger.error({ msg: 'Failed to validate request arguments', err });
-                    let error = Boom.boomify(new Error(request.app.gt.gettext('Failed to validate request arguments')), { statusCode: 400 });
+                    let error = Boom.boomify(new Error(request.app.gt.gettext('Invalid request. Check your input and try again.')), { statusCode: 400 });
                     if (err.code) {
                         error.output.payload.code = err.code;
                     }
@@ -6920,7 +4630,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                         });
                     }
-                    await request.flash({ type: 'danger', message: request.app.gt.gettext('Failed to process account') });
+                    await request.flash({ type: 'danger', message: request.app.gt.gettext(`Couldn't set up account. Try again.`) });
                     request.logger.error({ msg: 'Failed to process account', err });
                     return h
@@ -7185,7 +4895,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                         });
                     }
-                    await request.flash({ type: 'danger', message: request.app.gt.gettext('Failed to process account') });
+                    await request.flash({ type: 'danger', message: request.app.gt.gettext(`Couldn't set up account. Try again.`) });
                     request.logger.error({ msg: 'Failed to process account', err });
                     return h
@@ -7491,12 +5201,12 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 let deleted = await accountObject.delete();
                 if (deleted) {
-                    await request.flash({ type: 'info', message: `Account was deleted` });
+                    await request.flash({ type: 'info', message: `Account deleted` });
                 }
                 return h.redirect('/admin/accounts');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to delete the account` });
+                await request.flash({ type: 'danger', message: `Couldn't delete account. Try again.` });
                 request.logger.error({ msg: 'Failed to delete the account', err, account: request.payload.account, remoteAddress: request.app.ip });
                 return h.redirect(`/admin/accounts/${request.params.account}`);
             }
@@ -7510,7 +5220,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 },
                 async failAction(request, h, err) {
-                    await request.flash({ type: 'danger', message: `Failed to delete the account` });
+                    await request.flash({ type: 'danger', message: `Couldn't delete account. Try again.` });
                     request.logger.error({ msg: 'Failed to delete delete the account', err });
                     return h.redirect('/admin/accounts').takeover();
@@ -7712,7 +5422,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
             let authData = await settings.get('authData');
             let hasExistingPassword = !!(authData && authData.password);
             if (!hasExistingPassword) {
-                await request.flash({ type: 'info', message: `Authorization required to access messages` });
+                await request.flash({ type: 'info', message: `Set a password to access messages` });
                 return h.redirect('/admin/account/password');
             }
@@ -7721,7 +5431,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 if (request.cookieAuth) {
                     request.cookieAuth.clear();
                 }
-                await request.flash({ type: 'info', message: `Re-authentication required` });
+                await request.flash({ type: 'info', message: `Sign in again to continue` });
                 return h.redirect('/admin/login?next=' + encodeURIComponent('/admin/accounts/{account}/browse'));
             }
@@ -7743,7 +5453,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
             const canReadMail = (accountData.imap || accountData.oauth2) && !(accountData.imap && accountData.imap.disabled) && !DISABLE_MESSAGE_BROWSER;
             if (!canReadMail) {
-                await request.flash({ type: 'danger', message: `Mail access is disabled for the selected account` });
+                await request.flash({ type: 'danger', message: `Mail access is disabled for this account` });
                 return h.redirect(`/admin/accounts/${request.params.account}`);
             }
@@ -7948,7 +5658,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 return h.redirect(`/admin/accounts/${request.params.account}`);
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update account settings` });
+                await request.flash({ type: 'danger', message: `Couldn't save account settings. Try again.` });
                 request.logger.error({ msg: 'Failed to update account settings', err, account: request.params.account });
                 let accountObject = new Account({ redis, account: request.params.account, call, secret: await getSecret() });
@@ -7997,7 +5707,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                    await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                     request.logger.error({ msg: 'Failed to update configuration', err });
                     let accountObject = new Account({ redis, account: request.params.account, call, secret: await getSecret() });
@@ -8171,7 +5881,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 return h.redirect('/admin/config/document-store');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                 request.logger.error({ msg: 'Failed to update configuration', err });
                 let hasDocumentStorePassword = !!(await settings.get('documentStorePassword'));
@@ -8211,7 +5921,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                    await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                     request.logger.error({ msg: 'Failed to update configuration', err });
                     let hasDocumentStorePassword = !!(await settings.get('documentStorePassword'));
@@ -8284,7 +5994,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                 return h.redirect('/admin/config/document-store/chat');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                 request.logger.error({ msg: 'Failed to update configuration', err });
                 return h.view(
@@ -8325,7 +6035,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                    await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                     request.logger.error({ msg: 'Failed to update configuration', err });
                     return h
@@ -8440,10 +6150,10 @@ return payload;`
                     documentStorePreProcessingMap: contentMap
                 });
-                await request.flash({ type: 'info', message: `Pre-processing rules for the Document Store were updated` });
+                await request.flash({ type: 'info', message: `Document Store rules saved` });
                 return h.redirect(`/admin/config/document-store/pre-processing`);
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update Document Store pre-processing rules` });
+                await request.flash({ type: 'danger', message: `Couldn't save Document Store rules. Try again.` });
                 request.logger.error({ msg: 'Failed to update Document Store pre-processing rules', err });
                 return h.view(
@@ -8483,7 +6193,7 @@ return payload;`
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to update Document Store pre-processing rules` });
+                    await request.flash({ type: 'danger', message: `Couldn't save Document Store rules. Try again.` });
                     request.logger.error({ msg: 'Failed to update Document Store pre-processing rules', err });
                     return h
@@ -8653,7 +6363,7 @@ return payload;`
                 if (Boom.isBoom(err)) {
                     await request.flash({ type: 'danger', message: err.message });
                 } else {
-                    await request.flash({ type: 'danger', message: err.responseText || `Failed to create mapping` });
+                    await request.flash({ type: 'danger', message: err.responseText || `Couldn't create mapping. Try again.` });
                 }
                 request.logger.error({ msg: 'Failed to create mapping', err });
@@ -8691,7 +6401,7 @@ return payload;`
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to create mapping` });
+                    await request.flash({ type: 'danger', message: `Couldn't create mapping. Try again.` });
                     request.logger.error({ msg: 'Failed to create mapping', err });
                     return h
@@ -8901,7 +6611,7 @@ return payload;`
                 return h.redirect('/admin/config/network');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                 request.logger.error({ msg: 'Failed to update configuration', err });
                 let smtpStrategies = ADDRESS_STRATEGIES.map(entry => Object.assign({ selected: request.payload.smtpStrategy === entry.key }, entry));
@@ -8945,7 +6655,7 @@ return payload;`
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                    await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                     request.logger.error({ msg: 'Failed to update configuration', err });
                     let smtpStrategies = ADDRESS_STRATEGIES.map(entry => Object.assign({ selected: request.payload.smtpStrategy === entry.key }, entry));
@@ -9002,10 +6712,10 @@ return payload;`
                 await redis.hdel(`${REDIS_PREFIX}interfaces`, localAddress);
-                await request.flash({ type: 'info', message: `Address was removed from the list` });
+                await request.flash({ type: 'info', message: `Address removed` });
                 return h.redirect('/admin/config/network');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to delete address` });
+                await request.flash({ type: 'danger', message: `Couldn't delete address. Try again.` });
                 request.logger.error({ msg: 'Failed to delete address', err, localAddress: request.payload.localAddress, remoteAddress: request.app.ip });
                 return h.redirect('/admin/config/network');
             }
@@ -9019,7 +6729,7 @@ return payload;`
                 },
                 async failAction(request, h, err) {
-                    await request.flash({ type: 'danger', message: `Failed to delete address` });
+                    await request.flash({ type: 'danger', message: `Couldn't delete address. Try again.` });
                     request.logger.error({ msg: 'Failed to delete address', err });
                     return h.redirect('/admin/config/network').takeover();
@@ -9114,7 +6824,7 @@ return payload;`
                 return h.redirect('/admin/config/imap-proxy');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                 request.logger.error({ msg: 'Failed to update configuration', err });
                 let availableAddresses = new Set(
@@ -9166,7 +6876,7 @@ return payload;`
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                    await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                     request.logger.error({ msg: 'Failed to update configuration', err });
                     let availableAddresses = new Set(
@@ -9288,7 +6998,7 @@ return payload;`
                 return h.redirect('/admin/config/smtp');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                 request.logger.error({ msg: 'Failed to update configuration', err });
                 let availableAddresses = new Set(
@@ -9340,7 +7050,7 @@ return payload;`
                         });
                     }
-                    await request.flash({ type: 'danger', message: `Failed to update configuration` });
+                    await request.flash({ type: 'danger', message: `Couldn't save settings. Try again.` });
                     request.logger.error({ msg: 'Failed to update configuration', err });
                     let availableAddresses = new Set(
@@ -9742,7 +7452,7 @@ ${now}`,
                 async failAction(request, h, err) {
                     request.logger.error({ msg: 'Failed to validate request arguments', err });
-                    let error = Boom.boomify(new Error(request.app.gt.gettext('Failed to validate request arguments')), { statusCode: 400 });
+                    let error = Boom.boomify(new Error(request.app.gt.gettext('Invalid request. Check your input and try again.')), { statusCode: 400 });
                     if (err.code) {
                         error.output.payload.code = err.code;
                     }
@@ -9844,7 +7554,7 @@ ${now}`,
                     }
                 );
             } catch (err) {
-                await request.flash({ type: 'danger', message: request.app.gt.gettext('Failed to process request') });
+                await request.flash({ type: 'danger', message: request.app.gt.gettext(`Couldn't process request. Try again.`) });
                 request.logger.error({ msg: 'Failed to process subscription request', err });
                 return h.view(
@@ -9879,7 +7589,7 @@ ${now}`,
                         });
                     }
-                    await request.flash({ type: 'danger', message: request.app.gt.gettext('Failed to process request') });
+                    await request.flash({ type: 'danger', message: request.app.gt.gettext(`Couldn't process request. Try again.`) });
                     request.logger.error({ msg: 'Failed to process subscription request', err });
                     return h
@@ -9916,15 +7626,8 @@ ${now}`,
             let defaultLocale = (await settings.get('locale')) || 'en';
-            let percentFormatter;
             let bytesFormatter;
-            let percentFormatterOpts = {
-                style: 'percent',
-                minimumFractionDigits: 2,
-                maximumFractionDigits: 2
-            };
             let bytesFormatterOpts = {
                 style: 'unit',
                 unit: 'byte',
@@ -9933,10 +7636,8 @@ ${now}`,
             };
             try {
-                percentFormatter = new Intl.NumberFormat(defaultLocale, percentFormatterOpts);
                 bytesFormatter = new Intl.NumberFormat(defaultLocale, bytesFormatterOpts);
             } catch (err) {
-                percentFormatter = new Intl.NumberFormat('en-US', percentFormatterOpts);
                 bytesFormatter = new Intl.NumberFormat('en-US', bytesFormatterOpts);
             }
@@ -10029,12 +7730,12 @@ ${now}`,
             try {
                 let killed = await call({ cmd: 'kill-thread', thread: request.payload.thread });
                 if (killed) {
-                    await request.flash({ type: 'info', message: `Thread was killed` });
+                    await request.flash({ type: 'info', message: `Worker stopped` });
                 }
                 return h.redirect('/admin/internals');
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to kill thread` });
+                await request.flash({ type: 'danger', message: `Couldn't stop worker. Try again.` });
                 request.logger.error({ msg: 'Failed to kill thread', err, thread: request.payload.thread, remoteAddress: request.app.ip });
                 return h.redirect('/admin/internals');
             }
@@ -10048,7 +7749,7 @@ ${now}`,
                 },
                 async failAction(request, h, err) {
-                    await request.flash({ type: 'danger', message: `Failed to kill thread` });
+                    await request.flash({ type: 'danger', message: `Couldn't stop worker. Try again.` });
                     request.logger.error({ msg: 'Failed to kill thread', err });
                     return h.redirect('/admin/internals').takeover();
@@ -10086,7 +7787,7 @@ ${now}`,
                     .header('Pragma', 'no-cache')
                     .code(200);
             } catch (err) {
-                await request.flash({ type: 'danger', message: `Failed to generate snapshot` });
+                await request.flash({ type: 'danger', message: `Couldn't create snapshot. Try again.` });
                 request.logger.error({ msg: 'Failed to generate snapshot', err, thread: request.payload.thread, remoteAddress: request.app.ip });
                 return h.redirect('/admin/internals');
             }
@@ -10100,7 +7801,7 @@ ${now}`,
                 },
                 async failAction(request, h, err) {
-                    await request.flash({ type: 'danger', message: `Failed to generate snapshot` });
+                    await request.flash({ type: 'danger', message: `Couldn't create snapshot. Try again.` });
                     request.logger.error({ msg: 'Failed to generate snapshot', err });
                     return h.redirect('/admin/internals').takeover();
@@ -10124,12 +7825,12 @@ ${now}`,
             const threadInfo = threads.find(t => t.threadId === threadId);
             if (!threadInfo) {
-                await request.flash({ type: 'danger', message: 'Thread not found' });
+                await request.flash({ type: 'danger', message: `Worker not found` });
                 return h.redirect('/admin/internals');
             }
             if (threadInfo.type !== 'imap') {
-                await request.flash({ type: 'warning', message: 'Only email worker threads have assigned accounts' });
+                await request.flash({ type: 'warning', message: `Only email workers have assigned accounts` });
                 return h.redirect('/admin/internals');
             }