bitwarden_rs/src/mail.rs

use lettre::smtp::authentication::Credentials;
use lettre::smtp::ConnectionReuseParameters;
use lettre::{ClientSecurity, ClientTlsParameters, SmtpClient, SmtpTransport, Transport};
use lettre_email::EmailBuilder;
use native_tls::{Protocol, TlsConnector};

use crate::MailConfig;
use crate::CONFIG;
use crate::auth::{generate_invite_claims, encode_jwt};
use crate::api::EmptyResult;
use crate::error::Error;

fn mailer(config: &MailConfig) -> SmtpTransport {
    let client_security = if config.smtp_ssl {
        let tls = TlsConnector::builder()
            .min_protocol_version(Some(Protocol::Tlsv11))
            .build()
            .unwrap();

        ClientSecurity::Required(ClientTlsParameters::new(config.smtp_host.clone(), tls))
    } else {
        ClientSecurity::None
    };

    let smtp_client = SmtpClient::new((config.smtp_host.as_str(), config.smtp_port), client_security).unwrap();

    let smtp_client = match (&config.smtp_username, &config.smtp_password) {
        (Some(user), Some(pass)) => smtp_client.credentials(Credentials::new(user.clone(), pass.clone())),
        _ => smtp_client,
    };

    smtp_client
        .smtp_utf8(true)
        .connection_reuse(ConnectionReuseParameters::NoReuse)
        .transport()
}

pub fn send_password_hint(address: &str, hint: Option<String>, config: &MailConfig) -> EmptyResult {
    let (subject, body) = if let Some(hint) = hint {
        (
            "Your master password hint",
            format!(
                "You (or someone) recently requested your master password hint.\n\n\
                 Your hint is:  \"{}\"\n\n\
                 If you did not request your master password hint you can safely ignore this email.\n",
                hint
            ),
        )
    } else {
        (
            "Sorry, you have no password hint...",
            "Sorry, you have not specified any password hint...\n".into(),
        )
    };

    send_email(&address, &subject, &body, &config)
}

pub fn send_invite(
    address: &str,
    uuid: &str,
    org_id: Option<String>,
    org_user_id: Option<String>,
    org_name: &str,
    invited_by_email: Option<String>,
    config: &MailConfig,
) -> EmptyResult {
    let claims = generate_invite_claims(
                uuid.to_string(),
                String::from(address),
                org_id.clone(),
                org_user_id.clone(),
                invited_by_email.clone(),
            );
    let invite_token = encode_jwt(&claims);
    let (subject, body) = {
        (format!("Join {}", &org_name),
        format!(
            "<html>
             <p>You have been invited to join the <b>{}</b> organization.<br><br>
             <a href=\"{}/#/accept-organization/?organizationId={}&organizationUserId={}&email={}&organizationName={}&token={}\">
             Click here to join</a></p>
             <p>If you do not wish to join this organization, you can safely ignore this email.</p>
             </html>",
            org_name, CONFIG.domain, org_id.unwrap_or("_".to_string()), org_user_id.unwrap_or("_".to_string()), address, org_name, invite_token
        ))
    };

    send_email(&address, &subject, &body, &config)
}

pub fn send_invite_accepted(
    new_user_email: &str,
    address: &str,
    org_name: &str,
    config: &MailConfig,
) -> EmptyResult {
    let (subject, body) = {
        ("Invitation accepted",
        format!(
            "<html>
             <p>Your invitation for <b>{}</b> to join <b>{}</b> was accepted. Please <a href=\"{}\">log in</a> to the bitwarden_rs server and confirm them from the organization management page.</p>
             </html>", new_user_email, org_name, CONFIG.domain))
    };

    send_email(&address, &subject, &body, &config)
}

pub fn send_invite_confirmed(
    address: &str,
    org_name: &str,
    config: &MailConfig,
) -> EmptyResult {
    let (subject, body) = {
        (format!("Invitation to {} confirmed", org_name),
        format!(
            "<html>
             <p>Your invitation to join <b>{}</b> was confirmed. It will now appear under the Organizations the next time you <a href=\"{}\">log in</a> to the web vault.</p>
             </html>", org_name, CONFIG.domain))
    };

    send_email(&address, &subject, &body, &config)
}

fn send_email(address: &str, subject: &str, body: &str, config: &MailConfig) -> EmptyResult {
    let email = EmailBuilder::new()
    .to(address)
    .from((config.smtp_from.clone(), "Bitwarden-rs"))
    .subject(subject)
    .header(("Content-Type", "text/html"))
    .body(body)
    .build()
    .map_err(|e| Error::new("Error building email", e.to_string()))?;

    mailer(config)
        .send(email.into())
        .map_err(|e| Error::new("Error sending email", e.to_string()))
        .and(Ok(()))
}
make SMTP authentication optionnal, let lettre pick the better auth mechanism 2018-08-15 17:00:55 +02:00			`use lettre::smtp::authentication::Credentials;`
Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00			`use lettre::smtp::ConnectionReuseParameters;`
			`use lettre::{ClientSecurity, ClientTlsParameters, SmtpClient, SmtpTransport, Transport};`
SMTP integration, send password hint by email. 2018-08-15 08:32:19 +02:00			`use lettre_email::EmailBuilder;`
Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00			`use native_tls::{Protocol, TlsConnector};`
SMTP integration, send password hint by email. 2018-08-15 08:32:19 +02:00
Migrate to rust 2018 edition 2018-12-07 02:05:45 +01:00			`use crate::MailConfig;`
Update admin page to work with new invitation flow 2019-01-04 16:32:51 +01:00			`use crate::CONFIG;`
Refactor generate_invite_claims, make org_name and org_id optional 2019-01-06 05:03:49 +01:00			`use crate::auth::{generate_invite_claims, encode_jwt};`
Implemented proper error handling, now we can do `user.save($conn)?;` and it works. In the future, maybe we can do the same with the `find_by_id` methods that return an Option. 2018-12-19 21:52:53 +01:00			`use crate::api::EmptyResult;`
			`use crate::error::Error;`

SMTP integration, send password hint by email. 2018-08-15 08:32:19 +02:00			`fn mailer(config: &MailConfig) -> SmtpTransport {`
			`let client_security = if config.smtp_ssl {`
Updated dependencies, removed valid mail check (now done by lettre), and updated global domains file 2018-10-04 00:01:04 +02:00			`let tls = TlsConnector::builder()`
			`.min_protocol_version(Some(Protocol::Tlsv11))`
			`.build()`
			`.unwrap();`

			`ClientSecurity::Required(ClientTlsParameters::new(config.smtp_host.clone(), tls))`
SMTP integration, send password hint by email. 2018-08-15 08:32:19 +02:00			`} else {`
			`ClientSecurity::None`
			`};`

Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00			`let smtp_client = SmtpClient::new((config.smtp_host.as_str(), config.smtp_port), client_security).unwrap();`
make SMTP authentication optionnal, let lettre pick the better auth mechanism 2018-08-15 17:00:55 +02:00
Temp fix for OpenSSL 1.1.1 compatibility 2018-09-19 21:45:50 +02:00			`let smtp_client = match (&config.smtp_username, &config.smtp_password) {`
Updated dependencies, removed valid mail check (now done by lettre), and updated global domains file 2018-10-04 00:01:04 +02:00			`(Some(user), Some(pass)) => smtp_client.credentials(Credentials::new(user.clone(), pass.clone())),`
			`_ => smtp_client,`
make SMTP authentication optionnal, let lettre pick the better auth mechanism 2018-08-15 17:00:55 +02:00			`};`

Temp fix for OpenSSL 1.1.1 compatibility 2018-09-19 21:45:50 +02:00			`smtp_client`
SMTP integration, send password hint by email. 2018-08-15 08:32:19 +02:00			`.smtp_utf8(true)`
make SMTP authentication optionnal, let lettre pick the better auth mechanism 2018-08-15 17:00:55 +02:00			`.connection_reuse(ConnectionReuseParameters::NoReuse)`
Temp fix for OpenSSL 1.1.1 compatibility 2018-09-19 21:45:50 +02:00			`.transport()`
SMTP integration, send password hint by email. 2018-08-15 08:32:19 +02:00			`}`

Implemented proper error handling, now we can do `user.save($conn)?;` and it works. In the future, maybe we can do the same with the `find_by_id` methods that return an Option. 2018-12-19 21:52:53 +01:00			`pub fn send_password_hint(address: &str, hint: Option<String>, config: &MailConfig) -> EmptyResult {`
Special messages when user has no password hint 2018-09-11 13:04:34 +02:00			`let (subject, body) = if let Some(hint) = hint {`
Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00			`(`
			`"Your master password hint",`
			`format!(`
			`"You (or someone) recently requested your master password hint.\n\n\`
			`Your hint is: \"{}\"\n\n\`
			`If you did not request your master password hint you can safely ignore this email.\n",`
			`hint`
			`),`
			`)`
Special messages when user has no password hint 2018-09-11 13:04:34 +02:00			`} else {`
Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00			`(`
			`"Sorry, you have no password hint...",`
			`"Sorry, you have not specified any password hint...\n".into(),`
			`)`
Special messages when user has no password hint 2018-09-11 13:04:34 +02:00			`};`
Better message into the password hint email 2018-08-15 10:17:05 +02:00
Update admin page to work with new invitation flow 2019-01-04 16:32:51 +01:00			`send_email(&address, &subject, &body, &config)`
			`}`

			`pub fn send_invite(`
			`address: &str,`
Refactor generate_invite_claims, make org_name and org_id optional 2019-01-06 05:03:49 +01:00			`uuid: &str,`
			`org_id: Option<String>,`
			`org_user_id: Option<String>,`
Update admin page to work with new invitation flow 2019-01-04 16:32:51 +01:00			`org_name: &str,`
Refactor generate_invite_claims, make org_name and org_id optional 2019-01-06 05:03:49 +01:00			`invited_by_email: Option<String>,`
Update admin page to work with new invitation flow 2019-01-04 16:32:51 +01:00			`config: &MailConfig,`
			`) -> EmptyResult {`
Refactor generate_invite_claims, make org_name and org_id optional 2019-01-06 05:03:49 +01:00			`let claims = generate_invite_claims(`
			`uuid.to_string(),`
			`String::from(address),`
			`org_id.clone(),`
			`org_user_id.clone(),`
			`invited_by_email.clone(),`
			`);`
			`let invite_token = encode_jwt(&claims);`
Update admin page to work with new invitation flow 2019-01-04 16:32:51 +01:00			`let (subject, body) = {`
			`(format!("Join {}", &org_name),`
			`format!(`
			`"<html>`
			`<p>You have been invited to join the <b>{}</b> organization.<br><br>`
Remove whitespace before processing tokens 2019-01-07 20:37:14 +01:00			`<a href=\"{}/#/accept-organization/?organizationId={}&organizationUserId={}&email={}&organizationName={}&token={}\">`
			`Click here to join</a></p>`
Update admin page to work with new invitation flow 2019-01-04 16:32:51 +01:00			`<p>If you do not wish to join this organization, you can safely ignore this email.</p>`
			`</html>",`
Refactor generate_invite_claims, make org_name and org_id optional 2019-01-06 05:03:49 +01:00			`org_name, CONFIG.domain, org_id.unwrap_or("_".to_string()), org_user_id.unwrap_or("_".to_string()), address, org_name, invite_token`
Update admin page to work with new invitation flow 2019-01-04 16:32:51 +01:00			`))`
			`};`

			`send_email(&address, &subject, &body, &config)`
			`}`

			`pub fn send_invite_accepted(`
			`new_user_email: &str,`
			`address: &str,`
			`org_name: &str,`
			`config: &MailConfig,`
			`) -> EmptyResult {`
			`let (subject, body) = {`
			`("Invitation accepted",`
			`format!(`
			`"<html>`
Fix formatting and add vault link to notification emails 2019-01-05 19:36:08 +01:00			`<p>Your invitation for <b>{}</b> to join <b>{}</b> was accepted. Please <a href=\"{}\">log in</a> to the bitwarden_rs server and confirm them from the organization management page.</p>`
			`</html>", new_user_email, org_name, CONFIG.domain))`
Update admin page to work with new invitation flow 2019-01-04 16:32:51 +01:00			`};`

			`send_email(&address, &subject, &body, &config)`
			`}`

			`pub fn send_invite_confirmed(`
			`address: &str,`
			`org_name: &str,`
			`config: &MailConfig,`
			`) -> EmptyResult {`
			`let (subject, body) = {`
			`(format!("Invitation to {} confirmed", org_name),`
			`format!(`
			`"<html>`
Fix formatting and add vault link to notification emails 2019-01-05 19:36:08 +01:00			`<p>Your invitation to join <b>{}</b> was confirmed. It will now appear under the Organizations the next time you <a href=\"{}\">log in</a> to the web vault.</p>`
			`</html>", org_name, CONFIG.domain))`
Update admin page to work with new invitation flow 2019-01-04 16:32:51 +01:00			`};`

			`send_email(&address, &subject, &body, &config)`
SMTP integration, send password hint by email. 2018-08-15 08:32:19 +02:00			`}`
Add invite email functionality 2018-12-15 03:54:03 +01:00
Update admin page to work with new invitation flow 2019-01-04 16:32:51 +01:00			`fn send_email(address: &str, subject: &str, body: &str, config: &MailConfig) -> EmptyResult {`
Add invite email functionality 2018-12-15 03:54:03 +01:00			`let email = EmailBuilder::new()`
Replace invite/reinvite email functions with generic send_email 2019-01-03 04:19:44 +01:00			`.to(address)`
			`.from((config.smtp_from.clone(), "Bitwarden-rs"))`
			`.subject(subject)`
			`.header(("Content-Type", "text/html"))`
			`.body(body)`
			`.build()`
			`.map_err(\|e\| Error::new("Error building email", e.to_string()))?;`
Add invite email functionality 2018-12-15 03:54:03 +01:00
Fix formatting and add vault link to notification emails 2019-01-05 19:36:08 +01:00			`mailer(config)`
			`.send(email.into())`
			`.map_err(\|e\| Error::new("Error sending email", e.to_string()))`
			`.and(Ok(()))`
Replace invite/reinvite email functions with generic send_email 2019-01-03 04:19:44 +01:00			`}`