wip smptp

prostgles · Nov 27, 2024 · 5151032 · 5151032
1 parent f56d70a
commit 5151032
Show file tree

Hide file tree

Showing 9 changed files with 40 additions and 15 deletions.
diff --git a/lib/Auth/AuthHandler.ts b/lib/Auth/AuthHandler.ts
@@ -162,8 +162,8 @@ export class AuthHandler {
 
   destroy = () => {
     const app = this.opts?.expressConfig?.app;
-    const { login, logoutGetPath, magicLinksExpressRoute, catchAll, loginWithProvider, emailSignup, magicLinksRoute, confirmEmail } = AUTH_ROUTES_AND_PARAMS;
-    removeExpressRoute(app, [login, logoutGetPath, magicLinksExpressRoute, catchAll, loginWithProvider, emailSignup, magicLinksRoute, confirmEmail]);
+    const { login, logoutGetPath, magicLinksExpressRoute, catchAll, loginWithProvider, emailSignup, magicLinksRoute, confirmEmail, confirmEmailExpressRoute } = AUTH_ROUTES_AND_PARAMS;
+    removeExpressRoute(app, [login, logoutGetPath, magicLinksExpressRoute, catchAll, loginWithProvider, emailSignup, magicLinksRoute, confirmEmail, confirmEmailExpressRoute]);
   }
 
   throttledFunc = <T>(func: () => Promise<T>, throttle = 500): Promise<T> => {

diff --git a/lib/Auth/setAuthProviders.ts b/lib/Auth/setAuthProviders.ts
@@ -20,11 +20,11 @@ export const upsertNamedExpressMiddleware = (app: e.Express, handler: RequestHan
   app.use(handler);
 }
 
-export function setAuthProviders (this: AuthHandler, { registrations, app }: Required<Auth>["expressConfig"]) {
+export async function setAuthProviders (this: AuthHandler, { registrations, app }: Required<Auth>["expressConfig"]) {
   if(!registrations) return;
   const { onRegister, onProviderLoginFail, onProviderLoginStart, websiteUrl, OAuthProviders } = registrations;
 
-  setEmailProvider.bind(this)(app);
+  await setEmailProvider.bind(this)(app);
 
   if(!OAuthProviders || isEmpty(OAuthProviders)){
     return;

diff --git a/lib/Auth/setEmailProvider.ts b/lib/Auth/setEmailProvider.ts
@@ -2,11 +2,15 @@ import e from "express";
 import { AUTH_ROUTES_AND_PARAMS, AuthHandler } from "./AuthHandler";
 import { Email, SMTPConfig } from "./AuthTypes";
 import { sendEmail } from "./sendEmail";
+import { promises } from "node:dns";
 
-export function setEmailProvider(this: AuthHandler, app: e.Express) {
+export async function setEmailProvider(this: AuthHandler, app: e.Express) {
 
   const { email, websiteUrl } = this.opts?.expressConfig?.registrations ?? {};
   if(!email) return;
+  if(websiteUrl){
+    await checkDmarc(websiteUrl);
+  }
 
   app.post(AUTH_ROUTES_AND_PARAMS.emailSignup, async (req, res) => {
     const { username, password } = req.body;
@@ -60,4 +64,22 @@ export function setEmailProvider(this: AuthHandler, app: e.Express) {
       }
     });
   }
+}
+
+const checkDmarc = async (websiteUrl: string) => {
+  const { host } = new URL(websiteUrl);
+  const ignoredHosts = ["localhost", "127.0.0.1"]
+  if(!host || ignoredHosts.includes(host)){
+    return;
+  }
+  const dmarc = await promises.resolveTxt(`_dmarc.${host}`);
+  const dmarkTxt = dmarc[0]?.[0];
+  if(
+    !dmarkTxt?.includes("v=DMARC1") ||
+    (!dmarkTxt?.includes("p=reject") && !dmarkTxt?.includes("p=quarantine"))
+  ){
+    throw new Error("DMARC not set to reject/quarantine");
+  } else {
+    console.log("DMARC set to reject")
+  }
 }
diff --git a/lib/Auth/setupAuthRoutes.ts b/lib/Auth/setupAuthRoutes.ts
@@ -27,7 +27,7 @@ export async function setupAuthRoutes(this: AuthHandler) {
     throw "Invalid or empty string provided within publicRoutes "
   }
 
-  setAuthProviders.bind(this)(expressConfig);
+  await setAuthProviders.bind(this)(expressConfig);
 
   if(use){
     const prostglesUseMiddleware: RequestHandler = (req, res, next) => {

diff --git a/lib/Prostgles.ts b/lib/Prostgles.ts
@@ -226,6 +226,12 @@ export class Prostgles {
     }
   }
 
+  initAuthHandler = async () => {
+    this.authHandler?.destroy();
+    this.authHandler = new AuthHandler(this as any);
+    await this.authHandler.init();
+  }
+
   initTableConfig = async (reason: OnInitReason) => {
     const res = await tryCatch(async () => {
 

diff --git a/lib/initProstgles.ts b/lib/initProstgles.ts
@@ -130,8 +130,7 @@ export const initProstgles = async function(this: Prostgles, onReady: OnReadyCal
       }
 
       /* 3.9 Check auth config */
-      this.authHandler = new AuthHandler(this as any);
-      await this.authHandler.init();
+      await this.initAuthHandler();
 
       this.publishParser = new PublishParser(this.opts.publish, this.opts.publishMethods as any, this.opts.publishRawSQL, this.dbo!, this.db, this as any);
       this.dboBuilder.publishParser = this.publishParser;
@@ -194,9 +193,7 @@ export const initProstgles = async function(this: Prostgles, onReady: OnReadyCal
           await this.refreshDBO();
         }
         if("auth" in newOpts){
-          this.authHandler?.destroy();
-          this.authHandler = new AuthHandler(this as any);
-          await this.authHandler.init();
+          await this.initAuthHandler();
         }
 
         if(isEmpty(newOpts)) return;

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "prostgles-server",
-  "version": "4.2.156",
+  "version": "4.2.157",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

diff --git a/tests/server/package-lock.json b/tests/server/package-lock.json