Sharkey/packages/backend/src/core/EmailService.ts

336 lines
8 KiB
TypeScript
Raw Normal View History

/*
* SPDX-FileCopyrightText: syuilo and other misskey contributors
* SPDX-License-Identifier: AGPL-3.0-only
*/
2023-11-18 14:04:00 +02:00
import { URLSearchParams } from 'node:url';
2022-09-17 21:27:08 +03:00
import * as nodemailer from 'nodemailer';
import { Inject, Injectable } from '@nestjs/common';
import { validate as validateEmail } from 'deep-email-validator';
import { MetaService } from '@/core/MetaService.js';
import { UtilityService } from '@/core/UtilityService.js';
2022-09-17 21:27:08 +03:00
import { DI } from '@/di-symbols.js';
2022-09-20 23:33:11 +03:00
import type { Config } from '@/config.js';
2022-09-18 17:07:41 +03:00
import type Logger from '@/logger.js';
import type { UserProfilesRepository } from '@/models/_.js';
2022-09-18 17:07:41 +03:00
import { LoggerService } from '@/core/LoggerService.js';
import { bindThis } from '@/decorators.js';
import { HttpRequestService } from '@/core/HttpRequestService.js';
2022-09-17 21:27:08 +03:00
@Injectable()
export class EmailService {
2022-09-18 21:11:50 +03:00
private logger: Logger;
2022-09-17 21:27:08 +03:00
constructor(
@Inject(DI.config)
private config: Config,
@Inject(DI.userProfilesRepository)
private userProfilesRepository: UserProfilesRepository,
private metaService: MetaService,
2022-09-18 17:07:41 +03:00
private loggerService: LoggerService,
private utilityService: UtilityService,
private httpRequestService: HttpRequestService,
2022-09-17 21:27:08 +03:00
) {
2022-09-18 21:11:50 +03:00
this.logger = this.loggerService.getLogger('email');
2022-09-17 21:27:08 +03:00
}
@bindThis
2022-09-17 21:27:08 +03:00
public async sendEmail(to: string, subject: string, html: string, text: string) {
const meta = await this.metaService.fetch(true);
2022-09-17 21:27:08 +03:00
const iconUrl = `${this.config.url}/static-assets/mi-white.png`;
const emailSettingUrl = `${this.config.url}/settings/email`;
2022-09-17 21:27:08 +03:00
const enableAuth = meta.smtpUser != null && meta.smtpUser !== '';
2022-09-17 21:27:08 +03:00
const transporter = nodemailer.createTransport({
host: meta.smtpHost,
port: meta.smtpPort,
secure: meta.smtpSecure,
ignoreTLS: !enableAuth,
proxy: this.config.proxySmtp,
auth: enableAuth ? {
user: meta.smtpUser,
pass: meta.smtpPass,
} : undefined,
} as any);
2022-09-17 21:27:08 +03:00
try {
// TODO: htmlサニタイズ
const info = await transporter.sendMail({
from: meta.email!,
to: to,
subject: subject,
text: text,
html: `<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>${ subject }</title>
<style>
html {
background: #eee;
}
body {
padding: 16px;
margin: 0;
font-family: sans-serif;
font-size: 14px;
}
a {
text-decoration: none;
color: #86b300;
}
a:hover {
text-decoration: underline;
}
main {
max-width: 500px;
margin: 0 auto;
background: #fff;
color: #555;
}
main > header {
padding: 32px;
background: #86b300;
}
main > header > img {
max-width: 128px;
max-height: 28px;
vertical-align: bottom;
}
main > article {
padding: 32px;
}
main > article > h1 {
margin: 0 0 1em 0;
}
main > footer {
padding: 32px;
border-top: solid 1px #eee;
}
nav {
box-sizing: border-box;
max-width: 500px;
margin: 16px auto 0 auto;
padding: 0 32px;
}
nav > a {
color: #888;
}
</style>
</head>
<body>
<main>
<header>
<img src="${ meta.logoImageUrl ?? meta.iconUrl ?? iconUrl }"/>
</header>
<article>
<h1>${ subject }</h1>
<div>${ html }</div>
</article>
<footer>
<a href="${ emailSettingUrl }">${ 'Email setting' }</a>
</footer>
</main>
<nav>
<a href="${ this.config.url }">${ this.config.host }</a>
</nav>
</body>
</html>`,
});
2022-09-18 21:11:50 +03:00
this.logger.info(`Message sent: ${info.messageId}`);
2022-09-17 21:27:08 +03:00
} catch (err) {
2022-09-18 21:11:50 +03:00
this.logger.error(err as Error);
2022-09-17 21:27:08 +03:00
throw err;
}
}
@bindThis
2022-09-17 21:27:08 +03:00
public async validateEmailForAccount(emailAddress: string): Promise<{
available: boolean;
reason: null | 'used' | 'format' | 'disposable' | 'mx' | 'smtp' | 'banned' | 'network' | 'blacklist';
2022-09-17 21:27:08 +03:00
}> {
const meta = await this.metaService.fetch();
2022-09-17 21:27:08 +03:00
const exist = await this.userProfilesRepository.countBy({
emailVerified: true,
email: emailAddress,
});
2023-12-24 08:24:51 +02:00
let validated: {
valid: boolean,
reason?: string | null,
};
if (meta.enableActiveEmailValidation) {
2023-12-23 07:39:01 +02:00
if (meta.enableVerifymailApi && meta.verifymailAuthKey != null) {
validated = await this.verifyMail(emailAddress, meta.verifymailAuthKey);
} else if (meta.enableTruemailApi && meta.truemailInstance && meta.truemailAuthKey != null) {
validated = await this.trueMail(meta.truemailInstance, emailAddress, meta.truemailAuthKey);
} else {
validated = await validateEmail({
email: emailAddress,
validateRegex: true,
validateMx: true,
validateTypo: false, // TLDを見ているみたいだけどclubとか弾かれるので
validateDisposable: true, // 捨てアドかどうかチェック
validateSMTP: false, // 日本だと25ポートが殆どのプロバイダーで塞がれていてタイムアウトになるので
});
}
} else {
validated = { valid: true, reason: null };
}
const emailDomain: string = emailAddress.split('@')[1];
const isBanned = this.utilityService.isBlockedHost(meta.bannedEmailDomains, emailDomain);
const available = exist === 0 && validated.valid && !isBanned;
2022-09-17 21:27:08 +03:00
return {
available,
reason: available ? null :
exist !== 0 ? 'used' :
isBanned ? 'banned' :
2022-09-17 21:27:08 +03:00
validated.reason === 'regex' ? 'format' :
validated.reason === 'disposable' ? 'disposable' :
validated.reason === 'mx' ? 'mx' :
validated.reason === 'smtp' ? 'smtp' :
validated.reason === 'network' ? 'network' :
validated.reason === 'blacklist' ? 'blacklist' :
2022-09-17 21:27:08 +03:00
null,
};
}
private async verifyMail(emailAddress: string, verifymailAuthKey: string): Promise<{
valid: boolean;
reason: 'used' | 'format' | 'disposable' | 'mx' | 'smtp' | null;
}> {
const endpoint = 'https://verifymail.io/api/' + emailAddress + '?key=' + verifymailAuthKey;
const res = await this.httpRequestService.send(endpoint, {
method: 'GET',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
Accept: 'application/json, */*',
},
});
const json = (await res.json()) as {
block: boolean;
catch_all: boolean;
deliverable_email: boolean;
disposable: boolean;
domain: string;
email_address: string;
email_provider: string;
mx: boolean;
mx_fallback: boolean;
mx_host: string[];
mx_ip: string[];
mx_priority: { [key: string]: number };
privacy: boolean;
related_domains: string[];
};
if (json.email_address === undefined) {
return {
valid: false,
reason: 'format',
};
}
if (json.deliverable_email !== undefined && !json.deliverable_email) {
return {
valid: false,
reason: 'smtp',
};
}
if (json.disposable) {
return {
valid: false,
reason: 'disposable',
};
}
if (json.mx !== undefined && !json.mx) {
return {
valid: false,
reason: 'mx',
};
}
return {
valid: true,
reason: null,
};
}
private async trueMail<T>(truemailInstance: string, emailAddress: string, truemailAuthKey: string): Promise<{
valid: boolean;
reason: 'used' | 'format' | 'blacklist' | 'mx' | 'smtp' | 'network' | T | null;
}> {
const endpoint = truemailInstance + '?email=' + emailAddress;
try {
const res = await this.httpRequestService.send(endpoint, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
Accept: 'application/json',
Authorization: truemailAuthKey
},
});
const json = (await res.json()) as {
email: string;
success: boolean;
errors?: {
list_match?: string;
regex?: string;
mx?: string;
smtp?: string;
} | null;
};
if (json.email === undefined || (json.email !== undefined && json.errors?.regex)) {
return {
valid: false,
reason: 'format',
};
}
if (json.errors?.smtp) {
return {
valid: false,
reason: 'smtp',
};
}
if (json.errors?.mx) {
return {
valid: false,
reason: 'mx',
};
}
if (!json.success) {
return {
valid: false,
reason: json.errors?.list_match as T || 'blacklist',
};
}
return {
valid: true,
reason: null,
};
} catch (error) {
return {
valid: false,
reason: 'network',
};
}
}
2022-09-17 21:27:08 +03:00
}