aa67a09b80
New internal/mailer/ package:
- Sender interface with two impls: SMTPSender (production, reads
smtp_config at send time so admin edits apply without restart;
uses stdlib net/smtp + STARTTLS) and FakeSender (test/concurrent-
safe call recorder).
- Embedded text + HTML templates for the password reset email,
rendered via stdlib text/template + html/template. The HTML
uses the FabledSword forest-teal accent color.
- ErrNotConfigured surfaces when smtp_config.enabled is false or
required fields are empty; callers like the future forgot-password
handler will treat this as "log and pretend success" to avoid
user-enumeration leaks.
Three admin endpoints under RequireAdmin:
- GET /api/admin/smtp-config — returns the singleton; password
field is masked ("***" or "").
- PUT /api/admin/smtp-config — updates settings. Validates
host + from_address are non-empty when enabled=true. Empty
password in the request preserves the stored value (so the
operator doesn't have to re-enter it on every save).
- POST /api/admin/smtp-config/test — sends a real test email to
the calling admin's email. 400 if admin has no email; 500 with
the error message on send failure (so the operator can debug
config without grep-then-trace through logs).
Tests cover the password-mask, password-preservation-on-empty,
enabled-requires-host-and-from validation, and the no-email-on-file
rejection. Mailer unit tests cover the fake recorder and template
rendering. The "real SMTP send" path needs a live server and isn't
covered in CI; the FakeSender covers that role for downstream tests.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
136 lines
4.2 KiB
Go
136 lines
4.2 KiB
Go
package api
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"errors"
|
|
"net/http"
|
|
"time"
|
|
|
|
"git.fabledsword.com/bvandeusen/minstrel/internal/auth"
|
|
"git.fabledsword.com/bvandeusen/minstrel/internal/db/dbq"
|
|
"git.fabledsword.com/bvandeusen/minstrel/internal/mailer"
|
|
)
|
|
|
|
type smtpConfigResp struct {
|
|
Enabled bool `json:"enabled"`
|
|
Host string `json:"host"`
|
|
Port int32 `json:"port"`
|
|
Username string `json:"username"`
|
|
Password string `json:"password"` // masked: "***" if non-empty, "" otherwise
|
|
FromAddress string `json:"from_address"`
|
|
FromName string `json:"from_name"`
|
|
UseTLS bool `json:"use_tls"`
|
|
}
|
|
|
|
type updateSMTPConfigReq struct {
|
|
Enabled bool `json:"enabled"`
|
|
Host string `json:"host"`
|
|
Port int32 `json:"port"`
|
|
Username string `json:"username"`
|
|
Password string `json:"password"` // empty string = preserve existing
|
|
FromAddress string `json:"from_address"`
|
|
FromName string `json:"from_name"`
|
|
UseTLS bool `json:"use_tls"`
|
|
}
|
|
|
|
func (h *handlers) handleGetSMTPConfig(w http.ResponseWriter, r *http.Request) {
|
|
q := dbq.New(h.pool)
|
|
cfg, err := q.GetSMTPConfig(r.Context())
|
|
if err != nil {
|
|
h.logger.Error("admin smtp: get failed", "err", err)
|
|
writeErr(w, http.StatusInternalServerError, "server_error", "")
|
|
return
|
|
}
|
|
masked := ""
|
|
if cfg.Password != "" {
|
|
masked = "***"
|
|
}
|
|
writeJSON(w, http.StatusOK, smtpConfigResp{
|
|
Enabled: cfg.Enabled,
|
|
Host: cfg.Host,
|
|
Port: cfg.Port,
|
|
Username: cfg.Username,
|
|
Password: masked,
|
|
FromAddress: cfg.FromAddress,
|
|
FromName: cfg.FromName,
|
|
UseTLS: cfg.UseTls,
|
|
})
|
|
}
|
|
|
|
func (h *handlers) handleUpdateSMTPConfig(w http.ResponseWriter, r *http.Request) {
|
|
var req updateSMTPConfigReq
|
|
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
|
|
writeErr(w, http.StatusBadRequest, "invalid_body", "")
|
|
return
|
|
}
|
|
if req.Enabled {
|
|
if req.Host == "" || req.FromAddress == "" {
|
|
writeErr(w, http.StatusBadRequest, "missing_fields",
|
|
"host and from_address are required when enabled")
|
|
return
|
|
}
|
|
}
|
|
q := dbq.New(h.pool)
|
|
current, err := q.GetSMTPConfig(r.Context())
|
|
if err != nil {
|
|
h.logger.Error("admin smtp: get failed", "err", err)
|
|
writeErr(w, http.StatusInternalServerError, "server_error", "")
|
|
return
|
|
}
|
|
// Preserve existing password when the request sends "" (so the
|
|
// admin doesn't have to re-enter it on every save).
|
|
password := req.Password
|
|
if password == "" {
|
|
password = current.Password
|
|
}
|
|
if err := q.UpdateSMTPConfig(r.Context(), dbq.UpdateSMTPConfigParams{
|
|
Enabled: req.Enabled,
|
|
Host: req.Host,
|
|
Port: req.Port,
|
|
Username: req.Username,
|
|
Password: password,
|
|
FromAddress: req.FromAddress,
|
|
FromName: req.FromName,
|
|
UseTls: req.UseTLS,
|
|
}); err != nil {
|
|
h.logger.Error("admin smtp: update failed", "err", err)
|
|
writeErr(w, http.StatusInternalServerError, "server_error", "")
|
|
return
|
|
}
|
|
w.WriteHeader(http.StatusNoContent)
|
|
}
|
|
|
|
func (h *handlers) handleTestSMTPConfig(w http.ResponseWriter, r *http.Request) {
|
|
caller, ok := auth.UserFromContext(r.Context())
|
|
if !ok {
|
|
writeErr(w, http.StatusUnauthorized, "auth_required", "")
|
|
return
|
|
}
|
|
if caller.Email == nil || *caller.Email == "" {
|
|
writeErr(w, http.StatusBadRequest, "no_email_on_file",
|
|
"set your email in /settings before testing SMTP")
|
|
return
|
|
}
|
|
|
|
// Use a short-circuit context so the SMTP send doesn't hang the
|
|
// HTTP request indefinitely on a misconfigured host.
|
|
ctx, cancel := context.WithTimeout(r.Context(), 30*time.Second)
|
|
defer cancel()
|
|
|
|
sender := mailer.NewSMTPSender(h.pool, h.logger)
|
|
textBody := "This is a test message from your Minstrel server.\n\nIf you got this, your SMTP config is working.\n\n— Minstrel"
|
|
htmlBody := "<p>This is a test message from your Minstrel server.</p><p>If you got this, your SMTP config is working.</p><p>— Minstrel</p>"
|
|
if err := sender.Send(ctx, *caller.Email, "Minstrel SMTP test", textBody, htmlBody); err != nil {
|
|
if errors.Is(err, mailer.ErrNotConfigured) {
|
|
writeErr(w, http.StatusBadRequest, "not_configured",
|
|
"SMTP is not enabled or required fields are empty")
|
|
return
|
|
}
|
|
h.logger.Error("admin smtp: test send failed", "err", err)
|
|
writeErr(w, http.StatusInternalServerError, "send_failed", err.Error())
|
|
return
|
|
}
|
|
w.WriteHeader(http.StatusNoContent)
|
|
}
|