alps/server.go

package koushin

import (
	"fmt"
	"io/ioutil"
	"mime"
	"net/http"
	"net/url"
	"strconv"
	"strings"
	"time"

	"github.com/emersion/go-imap"
	imapclient "github.com/emersion/go-imap/client"
	"github.com/emersion/go-message"
	"github.com/emersion/go-sasl"
	"github.com/labstack/echo/v4"
)

const cookieName = "koushin_session"

const messagesPerPage = 50

type Server struct {
	imap struct {
		host     string
		tls      bool
		insecure bool

		pool *ConnPool
	}

	smtp struct {
		host     string
		tls      bool
		insecure bool
	}
}

func (s *Server) parseIMAPURL(imapURL string) error {
	u, err := url.Parse(imapURL)
	if err != nil {
		return fmt.Errorf("failed to parse IMAP server URL: %v", err)
	}

	s.imap.host = u.Host
	switch u.Scheme {
	case "imap":
		// This space is intentionally left blank
	case "imaps":
		s.imap.tls = true
	case "imap+insecure":
		s.imap.insecure = true
	default:
		return fmt.Errorf("unrecognized IMAP URL scheme: %s", u.Scheme)
	}

	return nil
}

func (s *Server) parseSMTPURL(smtpURL string) error {
	u, err := url.Parse(smtpURL)
	if err != nil {
		return fmt.Errorf("failed to parse SMTP server URL: %v", err)
	}

	s.smtp.host = u.Host
	switch u.Scheme {
	case "smtp":
		// This space is intentionally left blank
	case "smtps":
		s.smtp.tls = true
	case "smtp+insecure":
		s.smtp.insecure = true
	default:
		return fmt.Errorf("unrecognized SMTP URL scheme: %s", u.Scheme)
	}

	return nil
}

func NewServer(imapURL, smtpURL string) (*Server, error) {
	s := &Server{}

	if err := s.parseIMAPURL(imapURL); err != nil {
		return nil, err
	}
	s.imap.pool = NewConnPool()

	if smtpURL != "" {
		if err := s.parseSMTPURL(smtpURL); err != nil {
			return nil, err
		}
	}

	return s, nil
}

type context struct {
	echo.Context
	server  *Server
	session *Session
}

var aLongTimeAgo = time.Unix(233431200, 0)

func (c *context) setToken(token string) {
	cookie := http.Cookie{
		Name:     cookieName,
		Value:    token,
		HttpOnly: true,
		// TODO: domain, secure
	}
	if token == "" {
		cookie.Expires = aLongTimeAgo // unset the cookie
	}
	c.SetCookie(&cookie)
}

func handleLogin(ectx echo.Context) error {
	ctx := ectx.(*context)
	username := ctx.FormValue("username")
	password := ctx.FormValue("password")
	if username != "" && password != "" {
		conn, err := ctx.server.connectIMAP()
		if err != nil {
			return err
		}

		if err := conn.Login(username, password); err != nil {
			conn.Logout()
			return ctx.Render(http.StatusOK, "login.html", nil)
		}

		token, err := ctx.server.imap.pool.Put(conn, username, password)
		if err != nil {
			return fmt.Errorf("failed to put connection in pool: %v", err)
		}
		ctx.setToken(token)

		return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")
	}

	return ctx.Render(http.StatusOK, "login.html", nil)
}

func handleGetPart(ctx *context, raw bool) error {
	mboxName, uid, err := parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))
	if err != nil {
		return echo.NewHTTPError(http.StatusBadRequest, err)
	}
	partPathString := ctx.QueryParam("part")
	partPath, err := parsePartPath(partPathString)
	if err != nil {
		return echo.NewHTTPError(http.StatusBadRequest, err)
	}

	var msg *imapMessage
	var part *message.Entity
	var mbox *imap.MailboxStatus
	err = ctx.session.Do(func(c *imapclient.Client) error {
		var err error
		msg, part, err = getMessagePart(c, mboxName, uid, partPath)
		mbox = c.Mailbox()
		return err
	})
	if err != nil {
		return err
	}

	mimeType, _, err := part.Header.ContentType()
	if err != nil {
		return fmt.Errorf("failed to parse part Content-Type: %v", err)
	}
	if len(partPath) == 0 {
		mimeType = "message/rfc822"
	}

	if raw {
		disp, dispParams, _ := part.Header.ContentDisposition()
		filename := dispParams["filename"]

		// TODO: set Content-Length if possible

		if !strings.EqualFold(mimeType, "text/plain") || strings.EqualFold(disp, "attachment") {
			dispParams := make(map[string]string)
			if filename != "" {
				dispParams["filename"] = filename
			}
			disp := mime.FormatMediaType("attachment", dispParams)
			ctx.Response().Header().Set("Content-Disposition", disp)
		}
		return ctx.Stream(http.StatusOK, mimeType, part.Body)
	}

	var body string
	if strings.HasPrefix(strings.ToLower(mimeType), "text/") {
		b, err := ioutil.ReadAll(part.Body)
		if err != nil {
			return fmt.Errorf("failed to read part body: %v", err)
		}
		body = string(b)
	}

	return ctx.Render(http.StatusOK, "message.html", map[string]interface{}{
		"Mailbox":     mbox,
		"Message":     msg,
		"Body":        body,
		"PartPath":    partPathString,
		"MailboxPage": (mbox.Messages - msg.SeqNum) / messagesPerPage,
	})
}

func handleCompose(ectx echo.Context) error {
	ctx := ectx.(*context)

	var msg OutgoingMessage
	if strings.ContainsRune(ctx.session.username, '@') {
		msg.From = ctx.session.username
	}

	if ctx.Request().Method == http.MethodGet && ctx.Param("uid") != "" {
		// This is a reply
		mboxName, uid, err := parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))
		if err != nil {
			return echo.NewHTTPError(http.StatusBadRequest, err)
		}
		partPath, err := parsePartPath(ctx.QueryParam("part"))
		if err != nil {
			return echo.NewHTTPError(http.StatusBadRequest, err)
		}

		var inReplyTo *imapMessage
		var part *message.Entity
		err = ctx.session.Do(func(c *imapclient.Client) error {
			var err error
			inReplyTo, part, err = getMessagePart(c, mboxName, uid, partPath)
			return err
		})
		if err != nil {
			return err
		}

		mimeType, _, err := part.Header.ContentType()
		if err != nil {
			return fmt.Errorf("failed to parse part Content-Type: %v", err)
		}

		if !strings.HasPrefix(strings.ToLower(mimeType), "text/") {
			err := fmt.Errorf("cannot reply to \"%v\" part", mimeType)
			return echo.NewHTTPError(http.StatusBadRequest, err)
		}

		msg.Text, err = quote(part.Body)
		if err != nil {
			return err
		}

		msg.InReplyTo = inReplyTo.Envelope.MessageId
		// TODO: populate From from known user addresses and inReplyTo.Envelope.To
		replyTo := inReplyTo.Envelope.ReplyTo
		if len(replyTo) == 0 {
			replyTo = inReplyTo.Envelope.From
		}
		if len(replyTo) > 0 {
			msg.To = make([]string, len(replyTo))
			for i, to := range replyTo {
				msg.To[i] = to.MailboxName + "@" + to.HostName
			}
		}
		msg.Subject = inReplyTo.Envelope.Subject
		if !strings.HasPrefix(strings.ToLower(msg.Subject), "re:") {
			msg.Subject = "Re: " + msg.Subject
		}
	}

	if ctx.Request().Method == http.MethodPost {
		msg.From = ctx.FormValue("from")
		msg.To = parseAddressList(ctx.FormValue("to"))
		msg.Subject = ctx.FormValue("subject")
		msg.Text = ctx.FormValue("text")
		msg.InReplyTo = ctx.FormValue("in_reply_to")

		c, err := ctx.server.connectSMTP()
		if err != nil {
			return err
		}
		defer c.Close()

		auth := sasl.NewPlainClient("", ctx.session.username, ctx.session.password)
		if err := c.Auth(auth); err != nil {
			return echo.NewHTTPError(http.StatusForbidden, err)
		}

		if err := sendMessage(c, &msg); err != nil {
			return err
		}

		if err := c.Quit(); err != nil {
			return fmt.Errorf("QUIT failed: %v", err)
		}

		// TODO: append to IMAP Sent mailbox

		return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")
	}

	return ctx.Render(http.StatusOK, "compose.html", map[string]interface{}{
		"Message": &msg,
	})
}

func New(imapURL, smtpURL string) *echo.Echo {
	e := echo.New()

	s, err := NewServer(imapURL, smtpURL)
	if err != nil {
		e.Logger.Fatal(err)
	}

	e.HTTPErrorHandler = func(err error, c echo.Context) {
		code := http.StatusInternalServerError
		if he, ok := err.(*echo.HTTPError); ok {
			code = he.Code
		} else {
			c.Logger().Error(err)
		}
		// TODO: hide internal errors
		c.String(code, err.Error())
	}

	e.Use(func(next echo.HandlerFunc) echo.HandlerFunc {
		return func(ectx echo.Context) error {
			ctx := &context{Context: ectx, server: s}

			cookie, err := ctx.Cookie(cookieName)
			if err == http.ErrNoCookie {
				// Require auth for all pages except /login
				if ctx.Path() == "/login" || strings.HasPrefix(ctx.Path(), "/assets/") {
					return next(ctx)
				} else {
					return ctx.Redirect(http.StatusFound, "/login")
				}
			} else if err != nil {
				return err
			}

			ctx.session, err = ctx.server.imap.pool.Get(cookie.Value)
			if err == ErrSessionExpired {
				ctx.setToken("")
				return ctx.Redirect(http.StatusFound, "/login")
			} else if err != nil {
				return err
			}

			return next(ctx)
		}
	})

	e.Renderer, err = loadTemplates()
	if err != nil {
		e.Logger.Fatal("Failed to load templates:", err)
	}

	e.GET("/mailbox/:mbox", func(ectx echo.Context) error {
		ctx := ectx.(*context)

		mboxName, err := url.PathUnescape(ctx.Param("mbox"))
		if err != nil {
			return echo.NewHTTPError(http.StatusBadRequest, err)
		}

		page := 0
		if pageStr := ctx.QueryParam("page"); pageStr != "" {
			var err error
			if page, err = strconv.Atoi(pageStr); err != nil || page < 0 {
				return echo.NewHTTPError(http.StatusBadRequest, "invalid page index")
			}
		}

		var mailboxes []*imap.MailboxInfo
		var msgs []imapMessage
		var mbox *imap.MailboxStatus
		err = ctx.session.Do(func(c *imapclient.Client) error {
			var err error
			if mailboxes, err = listMailboxes(c); err != nil {
				return err
			}
			if msgs, err = listMessages(c, mboxName, page); err != nil {
				return err
			}
			mbox = c.Mailbox()
			return nil
		})
		if err != nil {
			return err
		}

		prevPage, nextPage := -1, -1
		if page > 0 {
			prevPage = page - 1
		}
		if (page+1)*messagesPerPage < int(mbox.Messages) {
			nextPage = page + 1
		}

		return ctx.Render(http.StatusOK, "mailbox.html", map[string]interface{}{
			"Mailbox":   mbox,
			"Mailboxes": mailboxes,
			"Messages":  msgs,
			"PrevPage":  prevPage,
			"NextPage":  nextPage,
		})
	})

	e.GET("/message/:mbox/:uid", func(ectx echo.Context) error {
		ctx := ectx.(*context)
		return handleGetPart(ctx, false)
	})
	e.GET("/message/:mbox/:uid/raw", func(ectx echo.Context) error {
		ctx := ectx.(*context)
		return handleGetPart(ctx, true)
	})

	e.GET("/login", handleLogin)
	e.POST("/login", handleLogin)

	e.GET("/logout", func(ectx echo.Context) error {
		ctx := ectx.(*context)

		err := ctx.session.Do(func(c *imapclient.Client) error {
			return c.Logout()
		})
		if err != nil {
			return fmt.Errorf("failed to logout: %v", err)
		}

		ctx.setToken("")
		return ctx.Redirect(http.StatusFound, "/login")
	})

	e.GET("/compose", handleCompose)
	e.POST("/compose", handleCompose)

	e.GET("/message/:mbox/:uid/reply", handleCompose)
	e.POST("/message/:mbox/:uid/reply", handleCompose)

	e.Static("/assets", "public/assets")

	return e
}
Add HTTP server boilerplate 2019-12-02 14:31:00 +00:00			`package koushin`

			`import (`
Add initial login logic 2019-12-02 16:24:19 +00:00			`"fmt"`
Display & download any message part 2019-12-03 12:07:25 +00:00			`"io/ioutil"`
			`"mime"`
Add HTTP server boilerplate 2019-12-02 14:31:00 +00:00			`"net/http"`
Add initial login logic 2019-12-02 16:24:19 +00:00			`"net/url"`
Add basic pagination to message list References: https://todo.sr.ht/~sircmpwn/koushin/22 2019-12-03 18:48:28 +00:00			`"strconv"`
Display & download any message part 2019-12-03 12:07:25 +00:00			`"strings"`
Add initial login logic 2019-12-02 16:24:19 +00:00			`"time"`
Add HTTP server boilerplate 2019-12-02 14:31:00 +00:00
Add session lock HTTP requests can be processed in parallel, but we only have one IMAP connection per session. Closes: https://todo.sr.ht/~sircmpwn/koushin/12 2019-12-03 16:18:17 +00:00			`"github.com/emersion/go-imap"`
Add initial login logic 2019-12-02 16:24:19 +00:00			`imapclient "github.com/emersion/go-imap/client"`
Add session lock HTTP requests can be processed in parallel, but we only have one IMAP connection per session. Closes: https://todo.sr.ht/~sircmpwn/koushin/12 2019-12-03 16:18:17 +00:00			`"github.com/emersion/go-message"`
Add basic SMTP support 2019-12-03 15:27:49 +00:00			`"github.com/emersion/go-sasl"`
go fmt 2019-12-03 10:12:26 +00:00			`"github.com/labstack/echo/v4"`
Add HTTP server boilerplate 2019-12-02 14:31:00 +00:00			`)`

Add initial login logic 2019-12-02 16:24:19 +00:00			`const cookieName = "koushin_session"`

Add basic pagination to message list References: https://todo.sr.ht/~sircmpwn/koushin/22 2019-12-03 18:48:28 +00:00			`const messagesPerPage = 50`

Add initial login logic 2019-12-02 16:24:19 +00:00			`type Server struct {`
			`imap struct {`
go fmt 2019-12-03 10:12:26 +00:00			`host string`
			`tls bool`
Add initial login logic 2019-12-02 16:24:19 +00:00			`insecure bool`

			`pool *ConnPool`
			`}`
Parse SMTP URL from CLI 2019-12-03 14:21:59 +00:00
			`smtp struct {`
			`host string`
			`tls bool`
			`insecure bool`
			`}`
Add initial login logic 2019-12-02 16:24:19 +00:00			`}`

Parse SMTP URL from CLI 2019-12-03 14:21:59 +00:00			`func (s *Server) parseIMAPURL(imapURL string) error {`
Add initial login logic 2019-12-02 16:24:19 +00:00			`u, err := url.Parse(imapURL)`
			`if err != nil {`
Parse SMTP URL from CLI 2019-12-03 14:21:59 +00:00			`return fmt.Errorf("failed to parse IMAP server URL: %v", err)`
Add initial login logic 2019-12-02 16:24:19 +00:00			`}`

			`s.imap.host = u.Host`
			`switch u.Scheme {`
			`case "imap":`
			`// This space is intentionally left blank`
			`case "imaps":`
			`s.imap.tls = true`
			`case "imap+insecure":`
			`s.imap.insecure = true`
			`default:`
Parse SMTP URL from CLI 2019-12-03 14:21:59 +00:00			`return fmt.Errorf("unrecognized IMAP URL scheme: %s", u.Scheme)`
			`}`

			`return nil`
			`}`

			`func (s *Server) parseSMTPURL(smtpURL string) error {`
			`u, err := url.Parse(smtpURL)`
			`if err != nil {`
			`return fmt.Errorf("failed to parse SMTP server URL: %v", err)`
			`}`

			`s.smtp.host = u.Host`
			`switch u.Scheme {`
			`case "smtp":`
			`// This space is intentionally left blank`
			`case "smtps":`
			`s.smtp.tls = true`
			`case "smtp+insecure":`
			`s.smtp.insecure = true`
			`default:`
			`return fmt.Errorf("unrecognized SMTP URL scheme: %s", u.Scheme)`
Add initial login logic 2019-12-02 16:24:19 +00:00			`}`

Parse SMTP URL from CLI 2019-12-03 14:21:59 +00:00			`return nil`
			`}`

			`func NewServer(imapURL, smtpURL string) (*Server, error) {`
			`s := &Server{}`

			`if err := s.parseIMAPURL(imapURL); err != nil {`
			`return nil, err`
			`}`
Add initial login logic 2019-12-02 16:24:19 +00:00			`s.imap.pool = NewConnPool()`
Add HTTP server boilerplate 2019-12-02 14:31:00 +00:00
Parse SMTP URL from CLI 2019-12-03 14:21:59 +00:00			`if smtpURL != "" {`
			`if err := s.parseSMTPURL(smtpURL); err != nil {`
			`return nil, err`
			`}`
			`}`

Add initial login logic 2019-12-02 16:24:19 +00:00			`return s, nil`
			`}`

			`type context struct {`
			`echo.Context`
Add basic SMTP support 2019-12-03 15:27:49 +00:00			`server *Server`
Save username/password in session This is required for authenticating with the SMTP server when composing a new message. 2019-12-03 14:44:20 +00:00			`session *Session`
Add initial login logic 2019-12-02 16:24:19 +00:00			`}`

			`var aLongTimeAgo = time.Unix(233431200, 0)`

			`func (c *context) setToken(token string) {`
			`cookie := http.Cookie{`
go fmt 2019-12-03 10:12:26 +00:00			`Name: cookieName,`
			`Value: token,`
Add initial login logic 2019-12-02 16:24:19 +00:00			`HttpOnly: true,`
			`// TODO: domain, secure`
			`}`
			`if token == "" {`
			`cookie.Expires = aLongTimeAgo // unset the cookie`
			`}`
			`c.SetCookie(&cookie)`
			`}`

			`func handleLogin(ectx echo.Context) error {`
			`ctx := ectx.(*context)`
			`username := ctx.FormValue("username")`
			`password := ctx.FormValue("password")`
			`if username != "" && password != "" {`
			`conn, err := ctx.server.connectIMAP()`
			`if err != nil {`
			`return err`
			`}`

			`if err := conn.Login(username, password); err != nil {`
			`conn.Logout()`
			`return ctx.Render(http.StatusOK, "login.html", nil)`
			`}`

Save username/password in session This is required for authenticating with the SMTP server when composing a new message. 2019-12-03 14:44:20 +00:00			`token, err := ctx.server.imap.pool.Put(conn, username, password)`
Add initial login logic 2019-12-02 16:24:19 +00:00			`if err != nil {`
Add context to errors 2019-12-03 13:48:11 +00:00			`return fmt.Errorf("failed to put connection in pool: %v", err)`
Add initial login logic 2019-12-02 16:24:19 +00:00			`}`
			`ctx.setToken(token)`

Add basic message list 2019-12-02 17:21:45 +00:00			`return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")`
Add initial login logic 2019-12-02 16:24:19 +00:00			`}`

			`return ctx.Render(http.StatusOK, "login.html", nil)`
			`}`

Display & download any message part 2019-12-03 12:07:25 +00:00			`func handleGetPart(ctx *context, raw bool) error {`
Add support for replying to a message 2019-12-03 17:41:23 +00:00			`mboxName, uid, err := parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))`
Display & download any message part 2019-12-03 12:07:25 +00:00			`if err != nil {`
			`return echo.NewHTTPError(http.StatusBadRequest, err)`
			`}`
			`partPathString := ctx.QueryParam("part")`
			`partPath, err := parsePartPath(partPathString)`
			`if err != nil {`
			`return echo.NewHTTPError(http.StatusBadRequest, err)`
			`}`

Add session lock HTTP requests can be processed in parallel, but we only have one IMAP connection per session. Closes: https://todo.sr.ht/~sircmpwn/koushin/12 2019-12-03 16:18:17 +00:00			`var msg *imapMessage`
			`var part *message.Entity`
			`var mbox *imap.MailboxStatus`
			`err = ctx.session.Do(func(c *imapclient.Client) error {`
			`var err error`
			`msg, part, err = getMessagePart(c, mboxName, uid, partPath)`
			`mbox = c.Mailbox()`
			`return err`
			`})`
Display & download any message part 2019-12-03 12:07:25 +00:00			`if err != nil {`
			`return err`
			`}`

			`mimeType, _, err := part.Header.ContentType()`
			`if err != nil {`
Add context to errors 2019-12-03 13:48:11 +00:00			`return fmt.Errorf("failed to parse part Content-Type: %v", err)`
Display & download any message part 2019-12-03 12:07:25 +00:00			`}`
			`if len(partPath) == 0 {`
			`mimeType = "message/rfc822"`
			`}`

			`if raw {`
			`disp, dispParams, _ := part.Header.ContentDisposition()`
			`filename := dispParams["filename"]`

Save username/password in session This is required for authenticating with the SMTP server when composing a new message. 2019-12-03 14:44:20 +00:00			`// TODO: set Content-Length if possible`

Display & download any message part 2019-12-03 12:07:25 +00:00			`if !strings.EqualFold(mimeType, "text/plain") \|\| strings.EqualFold(disp, "attachment") {`
			`dispParams := make(map[string]string)`
			`if filename != "" {`
			`dispParams["filename"] = filename`
			`}`
			`disp := mime.FormatMediaType("attachment", dispParams)`
			`ctx.Response().Header().Set("Content-Disposition", disp)`
			`}`
			`return ctx.Stream(http.StatusOK, mimeType, part.Body)`
			`}`

			`var body string`
			`if strings.HasPrefix(strings.ToLower(mimeType), "text/") {`
			`b, err := ioutil.ReadAll(part.Body)`
			`if err != nil {`
Add context to errors 2019-12-03 13:48:11 +00:00			`return fmt.Errorf("failed to read part body: %v", err)`
Display & download any message part 2019-12-03 12:07:25 +00:00			`}`
			`body = string(b)`
			`}`

			`return ctx.Render(http.StatusOK, "message.html", map[string]interface{}{`
Make message view's Back link set the mailbox page This allows to go back and forth between the mailbox view and the message view. References: https://todo.sr.ht/~sircmpwn/koushin/22 2019-12-03 19:06:43 +00:00			`"Mailbox": mbox,`
			`"Message": msg,`
			`"Body": body,`
			`"PartPath": partPathString,`
			`"MailboxPage": (mbox.Messages - msg.SeqNum) / messagesPerPage,`
Display & download any message part 2019-12-03 12:07:25 +00:00			`})`
			`}`

Add compose view 2019-12-03 13:33:20 +00:00			`func handleCompose(ectx echo.Context) error {`
			`ctx := ectx.(*context)`
Add basic SMTP support 2019-12-03 15:27:49 +00:00
Pre-fill composer with sender address 2019-12-03 15:46:03 +00:00			`var msg OutgoingMessage`
			`if strings.ContainsRune(ctx.session.username, '@') {`
			`msg.From = ctx.session.username`
			`}`

Add support for replying to a message 2019-12-03 17:41:23 +00:00			`if ctx.Request().Method == http.MethodGet && ctx.Param("uid") != "" {`
			`// This is a reply`
			`mboxName, uid, err := parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))`
			`if err != nil {`
			`return echo.NewHTTPError(http.StatusBadRequest, err)`
			`}`
			`partPath, err := parsePartPath(ctx.QueryParam("part"))`
			`if err != nil {`
			`return echo.NewHTTPError(http.StatusBadRequest, err)`
			`}`

			`var inReplyTo *imapMessage`
			`var part *message.Entity`
			`err = ctx.session.Do(func(c *imapclient.Client) error {`
			`var err error`
			`inReplyTo, part, err = getMessagePart(c, mboxName, uid, partPath)`
			`return err`
			`})`
			`if err != nil {`
			`return err`
			`}`

			`mimeType, _, err := part.Header.ContentType()`
			`if err != nil {`
			`return fmt.Errorf("failed to parse part Content-Type: %v", err)`
			`}`

			`if !strings.HasPrefix(strings.ToLower(mimeType), "text/") {`
			`err := fmt.Errorf("cannot reply to \"%v\" part", mimeType)`
			`return echo.NewHTTPError(http.StatusBadRequest, err)`
			`}`

			`msg.Text, err = quote(part.Body)`
			`if err != nil {`
			`return err`
			`}`

			`msg.InReplyTo = inReplyTo.Envelope.MessageId`
			`// TODO: populate From from known user addresses and inReplyTo.Envelope.To`
			`replyTo := inReplyTo.Envelope.ReplyTo`
			`if len(replyTo) == 0 {`
			`replyTo = inReplyTo.Envelope.From`
			`}`
			`if len(replyTo) > 0 {`
			`msg.To = make([]string, len(replyTo))`
			`for i, to := range replyTo {`
			`msg.To[i] = to.MailboxName + "@" + to.HostName`
			`}`
			`}`
			`msg.Subject = inReplyTo.Envelope.Subject`
			`if !strings.HasPrefix(strings.ToLower(msg.Subject), "re:") {`
			`msg.Subject = "Re: " + msg.Subject`
			`}`
			`}`

Add basic SMTP support 2019-12-03 15:27:49 +00:00			`if ctx.Request().Method == http.MethodPost {`
Fix missing OutgoingMessage.InReplyTo assignment 2019-12-03 17:54:04 +00:00			`msg.From = ctx.FormValue("from")`
			`msg.To = parseAddressList(ctx.FormValue("to"))`
			`msg.Subject = ctx.FormValue("subject")`
			`msg.Text = ctx.FormValue("text")`
			`msg.InReplyTo = ctx.FormValue("in_reply_to")`
Add basic SMTP support 2019-12-03 15:27:49 +00:00
			`c, err := ctx.server.connectSMTP()`
			`if err != nil {`
			`return err`
			`}`
			`defer c.Close()`

			`auth := sasl.NewPlainClient("", ctx.session.username, ctx.session.password)`
			`if err := c.Auth(auth); err != nil {`
			`return echo.NewHTTPError(http.StatusForbidden, err)`
			`}`

			`if err := sendMessage(c, &msg); err != nil {`
			`return err`
			`}`

			`if err := c.Quit(); err != nil {`
			`return fmt.Errorf("QUIT failed: %v", err)`
			`}`

			`// TODO: append to IMAP Sent mailbox`

			`return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")`
			`}`

Pre-fill composer with sender address 2019-12-03 15:46:03 +00:00			`return ctx.Render(http.StatusOK, "compose.html", map[string]interface{}{`
			`"Message": &msg,`
			`})`
Add compose view 2019-12-03 13:33:20 +00:00			`}`

Parse SMTP URL from CLI 2019-12-03 14:21:59 +00:00			`func New(imapURL, smtpURL string) *echo.Echo {`
Add initial login logic 2019-12-02 16:24:19 +00:00			`e := echo.New()`

Parse SMTP URL from CLI 2019-12-03 14:21:59 +00:00			`s, err := NewServer(imapURL, smtpURL)`
Add initial login logic 2019-12-02 16:24:19 +00:00			`if err != nil {`
			`e.Logger.Fatal(err)`
			`}`

Set HTTP error handler 2019-12-03 12:17:51 +00:00			`e.HTTPErrorHandler = func(err error, c echo.Context) {`
			`code := http.StatusInternalServerError`
			`if he, ok := err.(*echo.HTTPError); ok {`
			`code = he.Code`
			`} else {`
			`c.Logger().Error(err)`
			`}`
			`// TODO: hide internal errors`
			`c.String(code, err.Error())`
			`}`

Add initial login logic 2019-12-02 16:24:19 +00:00			`e.Use(func(next echo.HandlerFunc) echo.HandlerFunc {`
			`return func(ectx echo.Context) error {`
			`ctx := &context{Context: ectx, server: s}`

			`cookie, err := ctx.Cookie(cookieName)`
			`if err == http.ErrNoCookie {`
List mailboxes 2019-12-02 16:31:34 +00:00			`// Require auth for all pages except /login`
Add empty CSS stylesheet References: https://todo.sr.ht/~sircmpwn/koushin/19 2019-12-03 16:42:33 +00:00			`if ctx.Path() == "/login" \|\| strings.HasPrefix(ctx.Path(), "/assets/") {`
List mailboxes 2019-12-02 16:31:34 +00:00			`return next(ctx)`
			`} else {`
			`return ctx.Redirect(http.StatusFound, "/login")`
			`}`
Add initial login logic 2019-12-02 16:24:19 +00:00			`} else if err != nil {`
			`return err`
			`}`

Save username/password in session This is required for authenticating with the SMTP server when composing a new message. 2019-12-03 14:44:20 +00:00			`ctx.session, err = ctx.server.imap.pool.Get(cookie.Value)`
Add initial login logic 2019-12-02 16:24:19 +00:00			`if err == ErrSessionExpired {`
			`ctx.setToken("")`
			`return ctx.Redirect(http.StatusFound, "/login")`
			`} else if err != nil {`
			`return err`
			`}`

			`return next(ctx)`
			`}`
			`})`

Add HTTP server boilerplate 2019-12-02 14:31:00 +00:00			`e.Renderer, err = loadTemplates()`
			`if err != nil {`
			`e.Logger.Fatal("Failed to load templates:", err)`
			`}`

Add basic message list 2019-12-02 17:21:45 +00:00			`e.GET("/mailbox/:mbox", func(ectx echo.Context) error {`
Add initial login logic 2019-12-02 16:24:19 +00:00			`ctx := ectx.(*context)`
List mailboxes 2019-12-02 16:31:34 +00:00
Escape mailbox names in URLs Closes: https://todo.sr.ht/~sircmpwn/koushin/14 2019-12-03 16:31:53 +00:00			`mboxName, err := url.PathUnescape(ctx.Param("mbox"))`
			`if err != nil {`
			`return echo.NewHTTPError(http.StatusBadRequest, err)`
			`}`

Add basic pagination to message list References: https://todo.sr.ht/~sircmpwn/koushin/22 2019-12-03 18:48:28 +00:00			`page := 0`
			`if pageStr := ctx.QueryParam("page"); pageStr != "" {`
			`var err error`
			`if page, err = strconv.Atoi(pageStr); err != nil \|\| page < 0 {`
			`return echo.NewHTTPError(http.StatusBadRequest, "invalid page index")`
			`}`
			`}`

Add session lock HTTP requests can be processed in parallel, but we only have one IMAP connection per session. Closes: https://todo.sr.ht/~sircmpwn/koushin/12 2019-12-03 16:18:17 +00:00			`var mailboxes []*imap.MailboxInfo`
			`var msgs []imapMessage`
			`var mbox *imap.MailboxStatus`
			`err = ctx.session.Do(func(c *imapclient.Client) error {`
			`var err error`
			`if mailboxes, err = listMailboxes(c); err != nil {`
			`return err`
			`}`
Add basic pagination to message list References: https://todo.sr.ht/~sircmpwn/koushin/22 2019-12-03 18:48:28 +00:00			`if msgs, err = listMessages(c, mboxName, page); err != nil {`
Add session lock HTTP requests can be processed in parallel, but we only have one IMAP connection per session. Closes: https://todo.sr.ht/~sircmpwn/koushin/12 2019-12-03 16:18:17 +00:00			`return err`
			`}`
			`mbox = c.Mailbox()`
			`return nil`
			`})`
Add basic message list 2019-12-02 17:21:45 +00:00			`if err != nil {`
			`return err`
			`}`

Add basic pagination to message list References: https://todo.sr.ht/~sircmpwn/koushin/22 2019-12-03 18:48:28 +00:00			`prevPage, nextPage := -1, -1`
			`if page > 0 {`
			`prevPage = page - 1`
			`}`
			`if (page+1)*messagesPerPage < int(mbox.Messages) {`
			`nextPage = page + 1`
			`}`

Add basic message list 2019-12-02 17:21:45 +00:00			`return ctx.Render(http.StatusOK, "mailbox.html", map[string]interface{}{`
Add session lock HTTP requests can be processed in parallel, but we only have one IMAP connection per session. Closes: https://todo.sr.ht/~sircmpwn/koushin/12 2019-12-03 16:18:17 +00:00			`"Mailbox": mbox,`
List mailboxes 2019-12-02 16:31:34 +00:00			`"Mailboxes": mailboxes,`
go fmt 2019-12-03 10:12:26 +00:00			`"Messages": msgs,`
Add basic pagination to message list References: https://todo.sr.ht/~sircmpwn/koushin/22 2019-12-03 18:48:28 +00:00			`"PrevPage": prevPage,`
			`"NextPage": nextPage,`
List mailboxes 2019-12-02 16:31:34 +00:00			`})`
Add HTTP server boilerplate 2019-12-02 14:31:00 +00:00			`})`

Add basic message view 2019-12-02 18:53:09 +00:00			`e.GET("/message/:mbox/:uid", func(ectx echo.Context) error {`
			`ctx := ectx.(*context)`
Display & download any message part 2019-12-03 12:07:25 +00:00			`return handleGetPart(ctx, false)`
			`})`
			`e.GET("/message/:mbox/:uid/raw", func(ectx echo.Context) error {`
			`ctx := ectx.(*context)`
			`return handleGetPart(ctx, true)`
Add basic message view 2019-12-02 18:53:09 +00:00			`})`

Add initial login logic 2019-12-02 16:24:19 +00:00			`e.GET("/login", handleLogin)`
			`e.POST("/login", handleLogin)`

Add logout route 2019-12-03 12:24:46 +00:00			`e.GET("/logout", func(ectx echo.Context) error {`
			`ctx := ectx.(*context)`
Add session lock HTTP requests can be processed in parallel, but we only have one IMAP connection per session. Closes: https://todo.sr.ht/~sircmpwn/koushin/12 2019-12-03 16:18:17 +00:00
			`err := ctx.session.Do(func(c *imapclient.Client) error {`
			`return c.Logout()`
			`})`
			`if err != nil {`
Add context to errors 2019-12-03 13:48:11 +00:00			`return fmt.Errorf("failed to logout: %v", err)`
Add logout route 2019-12-03 12:24:46 +00:00			`}`
Add session lock HTTP requests can be processed in parallel, but we only have one IMAP connection per session. Closes: https://todo.sr.ht/~sircmpwn/koushin/12 2019-12-03 16:18:17 +00:00
Add logout route 2019-12-03 12:24:46 +00:00			`ctx.setToken("")`
			`return ctx.Redirect(http.StatusFound, "/login")`
			`})`

Add compose view 2019-12-03 13:33:20 +00:00			`e.GET("/compose", handleCompose)`
			`e.POST("/compose", handleCompose)`

Add support for replying to a message 2019-12-03 17:41:23 +00:00			`e.GET("/message/:mbox/:uid/reply", handleCompose)`
			`e.POST("/message/:mbox/:uid/reply", handleCompose)`

Add HTTP server boilerplate 2019-12-02 14:31:00 +00:00			`e.Static("/assets", "public/assets")`

			`return e`
			`}`