231 lines
8.2 KiB
JavaScript
231 lines
8.2 KiB
JavaScript
'use strict';
|
|
|
|
// FIXME: This does not work now because of missing lib/models/settings
|
|
|
|
let config = require('config');
|
|
let passport = require('../lib/passport');
|
|
let express = require('express');
|
|
let router = new express.Router();
|
|
let tools = require('../lib/tools');
|
|
let nodemailer = require('nodemailer');
|
|
let mailer = require('../lib/mailer');
|
|
let url = require('url');
|
|
let multer = require('multer');
|
|
let upload = multer();
|
|
let aws = require('aws-sdk');
|
|
let util = require('util');
|
|
let _ = require('../lib/translate')._;
|
|
const senders = require('../lib/senders');
|
|
|
|
let settings = require('../lib/models/settings');
|
|
|
|
let allowedKeys = ['service_url', 'smtp_hostname', 'smtp_port', 'smtp_encryption', 'smtp_disable_auth', 'smtp_user', 'smtp_pass', 'admin_email', 'smtp_log', 'smtp_max_connections', 'smtp_max_messages', 'smtp_self_signed', 'default_from', 'default_address', 'default_subject', 'default_homepage', 'default_postaddress', 'default_sender', 'verp_hostname', 'verp_use', 'disable_wysiwyg', 'pgp_private_key', 'pgp_passphrase', 'ua_code', 'shoutout', 'disable_confirmations', 'smtp_throttling', 'dkim_api_key', 'dkim_private_key', 'dkim_selector', 'dkim_domain', 'mail_transport', 'ses_key', 'ses_secret', 'ses_region'];
|
|
|
|
router.all('/*', (req, res, next) => {
|
|
if (!req.user) {
|
|
req.flash('danger', _('Need to be logged in to access restricted content'));
|
|
return res.redirect('/account/login?next=' + encodeURIComponent(req.originalUrl));
|
|
}
|
|
res.setSelectedMenu('/settings');
|
|
next();
|
|
});
|
|
|
|
router.get('/', passport.csrfProtection, (req, res, next) => {
|
|
settings.list((err, configItems) => {
|
|
if (err) {
|
|
return next(err);
|
|
}
|
|
|
|
configItems.smtpEncryption = [{
|
|
checked: configItems.smtpEncryption === 'TLS' || !configItems.smtpEncryption,
|
|
key: 'TLS',
|
|
value: _('Use TLS'),
|
|
description: _('usually selected for port 465')
|
|
}, {
|
|
checked: configItems.smtpEncryption === 'STARTTLS',
|
|
key: 'STARTTLS',
|
|
value: _('Use STARTTLS'),
|
|
description: _('usually selected for port 587 and 25')
|
|
}, {
|
|
checked: configItems.smtpEncryption === 'NONE',
|
|
key: 'NONE',
|
|
value: _('Do not use encryption')
|
|
}];
|
|
|
|
configItems.sesRegion = [{
|
|
checked: configItems.sesRegion === 'us-east-1' || !configItems.sesRegion,
|
|
key: 'us-east-1',
|
|
value: 'US-EAST-1'
|
|
}, {
|
|
checked: configItems.sesRegion === 'us-west-2',
|
|
key: 'us-west-2',
|
|
value: 'US-WEST-2'
|
|
}, {
|
|
checked: configItems.sesRegion === 'eu-west-1',
|
|
key: 'eu-west-1',
|
|
value: 'EU-WEST-1'
|
|
}];
|
|
|
|
configItems.useSMTP = configItems.mailTransport === 'smtp' || !configItems.mailTransport;
|
|
configItems.useSES = configItems.mailTransport === 'ses';
|
|
|
|
let urlparts = url.parse(configItems.serviceUrl);
|
|
configItems.verpHostname = configItems.verpHostname || 'bounces.' + (urlparts.hostname || 'localhost');
|
|
|
|
configItems.verpEnabled = config.verp.enabled;
|
|
configItems.csrfToken = req.csrfToken();
|
|
res.render('settings', configItems);
|
|
});
|
|
});
|
|
|
|
router.post('/update', passport.parseForm, passport.csrfProtection, (req, res) => {
|
|
|
|
let data = tools.convertKeys(req.body);
|
|
|
|
let keys = [];
|
|
let values = [];
|
|
|
|
Object.keys(data).forEach(key => {
|
|
let value = data[key].trim();
|
|
key = tools.toDbKey(key);
|
|
// ensure trailing slash for service home page
|
|
if (key === 'service_url' && value && !/\/$/.test(value)) {
|
|
value = value + '/';
|
|
}
|
|
if (allowedKeys.indexOf(key) >= 0) {
|
|
keys.push(key);
|
|
values.push(value);
|
|
}
|
|
});
|
|
|
|
// checkboxs are not included in value listing if left unchecked
|
|
['smtp_log', 'smtp_self_signed', 'smtp_disable_auth', 'verp_use', 'disable_wysiwyg', 'disable_confirmations'].forEach(key => {
|
|
if (keys.indexOf(key) < 0) {
|
|
keys.push(key);
|
|
values.push('');
|
|
}
|
|
});
|
|
|
|
let i = 0;
|
|
let storeSettings = () => {
|
|
if (i >= keys.length) {
|
|
mailer.update();
|
|
senders.workers.forEach(worker => {
|
|
worker.send({
|
|
reload: true
|
|
});
|
|
});
|
|
req.flash('success', _('Settings updated'));
|
|
return res.redirect('/settings');
|
|
}
|
|
let key = keys[i];
|
|
let value = values[i];
|
|
i++;
|
|
|
|
settings.set(key, value, err => {
|
|
if (err) {
|
|
req.flash('danger', err && err.message || err);
|
|
return res.redirect('/settings');
|
|
}
|
|
storeSettings();
|
|
});
|
|
};
|
|
|
|
storeSettings();
|
|
});
|
|
|
|
router.post('/smtp-verify', upload.array(), passport.parseForm, passport.csrfProtection, (req, res) => {
|
|
|
|
let data = tools.convertKeys(req.body);
|
|
|
|
// checkboxs are not included in value listing if left unchecked
|
|
['smtpLog', 'smtpSelfSigned', 'smtpDisableAuth'].forEach(key => {
|
|
if (!data.hasOwnProperty(key)) {
|
|
data[key] = false;
|
|
} else {
|
|
data[key] = true;
|
|
}
|
|
});
|
|
|
|
let transportOptions;
|
|
if (data.mailTransport === 'smtp') {
|
|
transportOptions = {
|
|
host: data.smtpHostname,
|
|
port: Number(data.smtpPort) || false,
|
|
secure: data.smtpEncryption === 'TLS',
|
|
ignoreTLS: data.smtpEncryption === 'NONE',
|
|
auth: data.smtpDisableAuth ? false : {
|
|
user: data.smtpUser,
|
|
pass: data.smtpPass
|
|
},
|
|
tls: {
|
|
rejectUnauthorized: !data.smtpSelfSigned
|
|
}
|
|
};
|
|
} else if (data.mailTransport === 'ses') {
|
|
transportOptions = {
|
|
SES: new aws.SES({
|
|
apiVersion: '2010-12-01',
|
|
accessKeyId: data.sesKey,
|
|
secretAccessKey: data.sesSecret,
|
|
region: data.sesRegion
|
|
})
|
|
};
|
|
} else {
|
|
return res.json({
|
|
error: _('Invalid mail transport type')
|
|
});
|
|
}
|
|
|
|
let transport = nodemailer.createTransport(transportOptions);
|
|
|
|
transport.verify(err => {
|
|
if (err) {
|
|
let message = '';
|
|
switch (err.code) {
|
|
case 'InvalidClientTokenId':
|
|
message = _('Invalid Access Key');
|
|
break;
|
|
case 'SignatureDoesNotMatch':
|
|
message = _('Invalid AWS credentials');
|
|
break;
|
|
case 'ECONNREFUSED':
|
|
message = _('Connection refused, check hostname and port.');
|
|
break;
|
|
case 'ETIMEDOUT':
|
|
if ((err.message || '').indexOf('Greeting never received') === 0) {
|
|
if (data.smtpEncryption !== 'TLS') {
|
|
message = _('Did not receive greeting message from server. This might happen when connecting to a TLS port without using TLS.');
|
|
} else {
|
|
message = _('Did not receive greeting message from server.');
|
|
}
|
|
} else {
|
|
message = _('Connection timed out. Check your firewall settings, destination port is probably blocked.');
|
|
}
|
|
break;
|
|
case 'EAUTH':
|
|
if (/\b5\.7\.0\b/.test(err.message) && data.smtpEncryption !== 'STARTTLS') {
|
|
message = _('Authentication not accepted, server expects STARTTLS to be used.');
|
|
} else {
|
|
message = _('Authentication failed, check username and password.');
|
|
}
|
|
|
|
break;
|
|
}
|
|
if (!message && err.reason) {
|
|
message = err.reason;
|
|
}
|
|
|
|
res.json({
|
|
error: (message || _('Failed Mailer verification.')) + (err.response ? ' ' + util.format(_('Server responded with: "%s"'), err.response) : '')
|
|
});
|
|
} else {
|
|
res.json({
|
|
message: _('Mailer settings verified, ready to send some mail!')
|
|
});
|
|
}
|
|
});
|
|
|
|
});
|
|
|
|
module.exports = router;
|