keyserver/src/email/email.js

/**
 * Mailvelope - secure email with OpenPGP encryption for Webmail
 * Copyright (C) 2016 Mailvelope GmbH
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License version 3
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

'use strict';

const log = require('npmlog');
const util = require('../service/util');

/**
 * A simple wrapper around Nodemailer to send verification emails
 */
class Email {

  /**
   * Create an instance of the email object.
   * @param  {Object} mailer   An instance of nodemailer
   */
  constructor(mailer, openpgpEncrypt) {
    this._mailer = mailer;
    this._openpgpEncrypt = openpgpEncrypt;
  }

  /**
   * Create an instance of the reusable nodemailer SMTP transport.
   * @param {string}  host       SMTP server's hostname: 'smtp.gmail.com'
   * @param {Object}  auth       Auth credential: { user:'user@gmail.com', pass:'pass' }
   * @param {Object}  sender     message 'FROM' field: { name:'Your Support', email:'noreply@exmple.com' }
   * @param {string}  port       (optional) SMTP server's SMTP port. Defaults to 465.
   * @param {boolean} tls        (optional) if TSL should be used. Defaults to true.
   * @param {boolean} starttls   (optional) force STARTTLS to prevent downgrade attack. Defaults to true.
   * @param {boolean} pgp        (optional) if outgoing emails are encrypted to the user's public key.
   */
  init(options) {
    this._transport = this._mailer.createTransport({
      host: options.host,
      port: options.port || 465,
      auth: options.auth,
      secure: (options.tls !== undefined) ? util.isTrue(options.tls) : true,
      requireTLS: (options.starttls !== undefined) ? util.isTrue(options.starttls) : true,
    });
    if (util.isTrue(options.pgp)) {
      this._transport.use('stream', this._openpgpEncrypt());
    }
    this._sender = options.sender;
  }

  /**
   * Send the verification email to the user using a template.
   * @param {Object} template   the email template to use
   * @param {Object} userId     user id document
   * @param {Object} origin     origin of the server
   * @yield {Object}            send response from the SMTP server
   */
  *send(options) {
    let template = options.template, userId = options.userId, origin = options.origin;
    let message = {
      from: this._sender,
      to: userId,
      subject: template.subject,
      text: template.text,
      html: template.html,
      params: {
        name: userId.name,
        baseUrl: origin.protocol + '://' + origin.host,
        keyid: encodeURIComponent(userId.keyid),
        nonce: encodeURIComponent(userId.nonce)
      }
    };
    return yield this._sendHelper(message);
  }

  /**
   * A generic method to send an email message via nodemailer.
   * @param {Object} from      sender user id object: { name:'Jon Smith', email:'j@smith.com' }
   * @param {Object} to        recipient user id object: { name:'Jon Smith', email:'j@smith.com' }
   * @param {string} subject   message subject
   * @param {string} text      message plaintext body template
   * @param {string} html      message html body template
   * @param {Object} params    (optional) nodermailer template parameters
   * @yield {Object}           reponse object containing SMTP info
   */
  *_sendHelper(options) {
    let template = {
      subject: options.subject,
      text: options.text,
      html: options.html,
      encryptionKeys: [options.to.publicKeyArmored]
    };
    let sender = {
      from: {
        name: options.from.name,
        address: options.from.email
      }
    };
    let recipient = {
      to: {
        name: options.to.name,
        address: options.to.email
      }
    };
    let params = options.params || {};

    try {
      let sendFn = this._transport.templateSender(template, sender);
      let info = yield sendFn(recipient, params);
      if (!this._checkResponse(info)) {
        log.warn('email', 'Message may not have been received.', info);
      }
      return info;
    } catch(error) {
      log.error('email', 'Sending message failed.', error, options);
      util.throw(500, 'Sending email to user failed');
    }
  }

  /**
   * Check if the message was sent successfully according to SMTP
   * reply codes: http://www.supermailer.de/smtp_reply_codes.htm
   * @param  {Object} info   info object return from nodemailer
   * @return {boolean}       if the message was received by the user
   */
  _checkResponse(info) {
    return /^2/.test(info.response);
  }

}

module.exports = Email;
Design class architecture and HTTP api 2016-05-26 11:45:32 +00:00			`/**`
			`* Mailvelope - secure email with OpenPGP encryption for Webmail`
			`* Copyright (C) 2016 Mailvelope GmbH`
			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License version 3`
			`* as published by the Free Software Foundation.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>.`
			`*/`

			`'use strict';`

Implement Email DAO for sending verification mails 2016-05-29 14:47:45 +00:00			`const log = require('npmlog');`
			`const util = require('../service/util');`

Design class architecture and HTTP api 2016-05-26 11:45:32 +00:00			`/**`
			`* A simple wrapper around Nodemailer to send verification emails`
			`*/`
			`class Email {`

First working prototype of the keyserver 2016-05-27 17:57:48 +00:00			`/**`
			`* Create an instance of the email object.`
			`* @param {Object} mailer An instance of nodemailer`
			`*/`
Use nodemailer-openpgp plugin to encrypt verification emails 2016-06-02 14:19:54 +00:00			`constructor(mailer, openpgpEncrypt) {`
First working prototype of the keyserver 2016-05-27 17:57:48 +00:00			`this._mailer = mailer;`
Use nodemailer-openpgp plugin to encrypt verification emails 2016-06-02 14:19:54 +00:00			`this._openpgpEncrypt = openpgpEncrypt;`
First working prototype of the keyserver 2016-05-27 17:57:48 +00:00			`}`
Design class architecture and HTTP api 2016-05-26 11:45:32 +00:00
Implement Email DAO for sending verification mails 2016-05-29 14:47:45 +00:00			`/**`
			`* Create an instance of the reusable nodemailer SMTP transport.`
Add STARTTLS flag to SMTP config 2016-06-02 11:00:22 +00:00			`* @param {string} host SMTP server's hostname: 'smtp.gmail.com'`
			`* @param {Object} auth Auth credential: { user:'user@gmail.com', pass:'pass' }`
			`* @param {Object} sender message 'FROM' field: { name:'Your Support', email:'noreply@exmple.com' }`
			`* @param {string} port (optional) SMTP server's SMTP port. Defaults to 465.`
			`* @param {boolean} tls (optional) if TSL should be used. Defaults to true.`
			`* @param {boolean} starttls (optional) force STARTTLS to prevent downgrade attack. Defaults to true.`
Use nodemailer-openpgp plugin to encrypt verification emails 2016-06-02 14:19:54 +00:00			`* @param {boolean} pgp (optional) if outgoing emails are encrypted to the user's public key.`
Implement Email DAO for sending verification mails 2016-05-29 14:47:45 +00:00			`*/`
			`init(options) {`
			`this._transport = this._mailer.createTransport({`
			`host: options.host,`
			`port: options.port \|\| 465,`
			`auth: options.auth,`
Simplify configuration for different environments 2016-06-07 12:56:55 +00:00			`secure: (options.tls !== undefined) ? util.isTrue(options.tls) : true,`
			`requireTLS: (options.starttls !== undefined) ? util.isTrue(options.starttls) : true,`
Implement Email DAO for sending verification mails 2016-05-29 14:47:45 +00:00			`});`
Simplify configuration for different environments 2016-06-07 12:56:55 +00:00			`if (util.isTrue(options.pgp)) {`
Use nodemailer-openpgp plugin to encrypt verification emails 2016-06-02 14:19:54 +00:00			`this._transport.use('stream', this._openpgpEncrypt());`
			`}`
Implement Email DAO for sending verification mails 2016-05-29 14:47:45 +00:00			`this._sender = options.sender;`
			`}`

First working prototype of the keyserver 2016-05-27 17:57:48 +00:00			`/**`
Simplify email.js 2016-05-31 14:48:18 +00:00			`* Send the verification email to the user using a template.`
			`* @param {Object} template the email template to use`
			`* @param {Object} userId user id document`
			`* @param {Object} origin origin of the server`
			`* @yield {Object} send response from the SMTP server`
First working prototype of the keyserver 2016-05-27 17:57:48 +00:00			`*/`
Simplify email.js 2016-05-31 14:48:18 +00:00			`*send(options) {`
			`let template = options.template, userId = options.userId, origin = options.origin;`
			`let message = {`
Implement email.sendVerifyRemove Write email.js unit tests 2016-05-30 13:36:32 +00:00			`from: this._sender,`
			`to: userId,`
Simplify email.js 2016-05-31 14:48:18 +00:00			`subject: template.subject,`
			`text: template.text,`
			`html: template.html,`
Implement email.sendVerifyRemove Write email.js unit tests 2016-05-30 13:36:32 +00:00			`params: {`
			`name: userId.name,`
			`baseUrl: origin.protocol + '://' + origin.host,`
			`keyid: encodeURIComponent(userId.keyid),`
			`nonce: encodeURIComponent(userId.nonce)`
			`}`
			`};`
Simplify email.js 2016-05-31 14:48:18 +00:00			`return yield this._sendHelper(message);`
Implement email.sendVerifyRemove Write email.js unit tests 2016-05-30 13:36:32 +00:00			`}`

Cleanup email module 2016-05-30 08:48:17 +00:00			`/**`
			`* A generic method to send an email message via nodemailer.`
			`* @param {Object} from sender user id object: { name:'Jon Smith', email:'j@smith.com' }`
			`* @param {Object} to recipient user id object: { name:'Jon Smith', email:'j@smith.com' }`
			`* @param {string} subject message subject`
			`* @param {string} text message plaintext body template`
			`* @param {string} html message html body template`
			`* @param {Object} params (optional) nodermailer template parameters`
			`* @yield {Object} reponse object containing SMTP info`
			`*/`
Simplify email.js 2016-05-31 14:48:18 +00:00			`*_sendHelper(options) {`
Cleanup email module 2016-05-30 08:48:17 +00:00			`let template = {`
			`subject: options.subject,`
			`text: options.text,`
Use nodemailer-openpgp plugin to encrypt verification emails 2016-06-02 14:19:54 +00:00			`html: options.html,`
			`encryptionKeys: [options.to.publicKeyArmored]`
Cleanup email module 2016-05-30 08:48:17 +00:00			`};`
			`let sender = {`
			`from: {`
			`name: options.from.name,`
			`address: options.from.email`
			`}`
			`};`
			`let recipient = {`
			`to: {`
			`name: options.to.name,`
			`address: options.to.email`
			`}`
			`};`
			`let params = options.params \|\| {};`

Implement Email DAO for sending verification mails 2016-05-29 14:47:45 +00:00			`try {`
Cleanup email module 2016-05-30 08:48:17 +00:00			`let sendFn = this._transport.templateSender(template, sender);`
			`let info = yield sendFn(recipient, params);`
Implement Email DAO for sending verification mails 2016-05-29 14:47:45 +00:00			`if (!this._checkResponse(info)) {`
Cleanup email module 2016-05-30 08:48:17 +00:00			`log.warn('email', 'Message may not have been received.', info);`
Implement Email DAO for sending verification mails 2016-05-29 14:47:45 +00:00			`}`
			`return info;`
Cleanup email module 2016-05-30 08:48:17 +00:00			`} catch(error) {`
			`log.error('email', 'Sending message failed.', error, options);`
			`util.throw(500, 'Sending email to user failed');`
Implement Email DAO for sending verification mails 2016-05-29 14:47:45 +00:00			`}`
			`}`

			`/**`
			`* Check if the message was sent successfully according to SMTP`
			`* reply codes: http://www.supermailer.de/smtp_reply_codes.htm`
Use nodemailer template engine 2016-05-29 15:51:10 +00:00			`* @param {Object} info info object return from nodemailer`
			`* @return {boolean} if the message was received by the user`
Implement Email DAO for sending verification mails 2016-05-29 14:47:45 +00:00			`*/`
			`_checkResponse(info) {`
			`return /^2/.test(info.response);`
First working prototype of the keyserver 2016-05-27 17:57:48 +00:00			`}`

			`}`

			`module.exports = Email;`