alps/server.go

461 lines
10 KiB
Go
Raw Normal View History

2019-12-02 14:31:00 +00:00
package koushin
import (
2019-12-02 16:24:19 +00:00
"fmt"
2019-12-03 12:07:25 +00:00
"io/ioutil"
"mime"
2019-12-02 14:31:00 +00:00
"net/http"
2019-12-02 16:24:19 +00:00
"net/url"
"strconv"
2019-12-03 12:07:25 +00:00
"strings"
2019-12-02 16:24:19 +00:00
"time"
2019-12-02 14:31:00 +00:00
"github.com/emersion/go-imap"
2019-12-02 16:24:19 +00:00
imapclient "github.com/emersion/go-imap/client"
"github.com/emersion/go-message"
2019-12-03 15:27:49 +00:00
"github.com/emersion/go-sasl"
2019-12-03 10:12:26 +00:00
"github.com/labstack/echo/v4"
2019-12-02 14:31:00 +00:00
)
2019-12-02 16:24:19 +00:00
const cookieName = "koushin_session"
const messagesPerPage = 50
2019-12-02 16:24:19 +00:00
type Server struct {
imap struct {
2019-12-03 10:12:26 +00:00
host string
tls bool
2019-12-02 16:24:19 +00:00
insecure bool
pool *ConnPool
}
2019-12-03 14:21:59 +00:00
smtp struct {
host string
tls bool
insecure bool
}
2019-12-02 16:24:19 +00:00
}
2019-12-03 14:21:59 +00:00
func (s *Server) parseIMAPURL(imapURL string) error {
2019-12-02 16:24:19 +00:00
u, err := url.Parse(imapURL)
if err != nil {
2019-12-03 14:21:59 +00:00
return fmt.Errorf("failed to parse IMAP server URL: %v", err)
2019-12-02 16:24:19 +00:00
}
s.imap.host = u.Host
switch u.Scheme {
case "imap":
// This space is intentionally left blank
case "imaps":
s.imap.tls = true
case "imap+insecure":
s.imap.insecure = true
default:
2019-12-03 14:21:59 +00:00
return fmt.Errorf("unrecognized IMAP URL scheme: %s", u.Scheme)
}
return nil
}
func (s *Server) parseSMTPURL(smtpURL string) error {
u, err := url.Parse(smtpURL)
if err != nil {
return fmt.Errorf("failed to parse SMTP server URL: %v", err)
}
s.smtp.host = u.Host
switch u.Scheme {
case "smtp":
// This space is intentionally left blank
case "smtps":
s.smtp.tls = true
case "smtp+insecure":
s.smtp.insecure = true
default:
return fmt.Errorf("unrecognized SMTP URL scheme: %s", u.Scheme)
2019-12-02 16:24:19 +00:00
}
2019-12-03 14:21:59 +00:00
return nil
}
func newServer(imapURL, smtpURL string) (*Server, error) {
2019-12-03 14:21:59 +00:00
s := &Server{}
if err := s.parseIMAPURL(imapURL); err != nil {
return nil, err
}
2019-12-02 16:24:19 +00:00
s.imap.pool = NewConnPool()
2019-12-02 14:31:00 +00:00
2019-12-03 14:21:59 +00:00
if smtpURL != "" {
if err := s.parseSMTPURL(smtpURL); err != nil {
return nil, err
}
}
2019-12-02 16:24:19 +00:00
return s, nil
}
type context struct {
echo.Context
2019-12-03 15:27:49 +00:00
server *Server
session *Session
2019-12-02 16:24:19 +00:00
}
var aLongTimeAgo = time.Unix(233431200, 0)
func (c *context) setToken(token string) {
cookie := http.Cookie{
2019-12-03 10:12:26 +00:00
Name: cookieName,
Value: token,
2019-12-02 16:24:19 +00:00
HttpOnly: true,
// TODO: domain, secure
}
if token == "" {
cookie.Expires = aLongTimeAgo // unset the cookie
}
c.SetCookie(&cookie)
}
func handleLogin(ectx echo.Context) error {
ctx := ectx.(*context)
username := ctx.FormValue("username")
password := ctx.FormValue("password")
if username != "" && password != "" {
conn, err := ctx.server.connectIMAP()
if err != nil {
return err
}
if err := conn.Login(username, password); err != nil {
conn.Logout()
return ctx.Render(http.StatusOK, "login.html", nil)
}
token, err := ctx.server.imap.pool.Put(conn, username, password)
2019-12-02 16:24:19 +00:00
if err != nil {
2019-12-03 13:48:11 +00:00
return fmt.Errorf("failed to put connection in pool: %v", err)
2019-12-02 16:24:19 +00:00
}
ctx.setToken(token)
2019-12-02 17:21:45 +00:00
return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")
2019-12-02 16:24:19 +00:00
}
return ctx.Render(http.StatusOK, "login.html", nil)
}
2019-12-03 12:07:25 +00:00
func handleGetPart(ctx *context, raw bool) error {
2019-12-03 17:41:23 +00:00
mboxName, uid, err := parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))
2019-12-03 12:07:25 +00:00
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, err)
}
partPathString := ctx.QueryParam("part")
partPath, err := parsePartPath(partPathString)
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, err)
}
var msg *imapMessage
var part *message.Entity
var mbox *imap.MailboxStatus
err = ctx.session.Do(func(c *imapclient.Client) error {
var err error
msg, part, err = getMessagePart(c, mboxName, uid, partPath)
mbox = c.Mailbox()
return err
})
2019-12-03 12:07:25 +00:00
if err != nil {
return err
}
mimeType, _, err := part.Header.ContentType()
if err != nil {
2019-12-03 13:48:11 +00:00
return fmt.Errorf("failed to parse part Content-Type: %v", err)
2019-12-03 12:07:25 +00:00
}
if len(partPath) == 0 {
mimeType = "message/rfc822"
}
if raw {
disp, dispParams, _ := part.Header.ContentDisposition()
filename := dispParams["filename"]
// TODO: set Content-Length if possible
2019-12-03 12:07:25 +00:00
if !strings.EqualFold(mimeType, "text/plain") || strings.EqualFold(disp, "attachment") {
dispParams := make(map[string]string)
if filename != "" {
dispParams["filename"] = filename
}
disp := mime.FormatMediaType("attachment", dispParams)
ctx.Response().Header().Set("Content-Disposition", disp)
}
return ctx.Stream(http.StatusOK, mimeType, part.Body)
}
var body string
if strings.HasPrefix(strings.ToLower(mimeType), "text/") {
b, err := ioutil.ReadAll(part.Body)
if err != nil {
2019-12-03 13:48:11 +00:00
return fmt.Errorf("failed to read part body: %v", err)
2019-12-03 12:07:25 +00:00
}
body = string(b)
}
return ctx.Render(http.StatusOK, "message.html", map[string]interface{}{
"Mailbox": mbox,
"Message": msg,
"Body": body,
"PartPath": partPathString,
"MailboxPage": (mbox.Messages - msg.SeqNum) / messagesPerPage,
2019-12-03 12:07:25 +00:00
})
}
2019-12-03 13:33:20 +00:00
func handleCompose(ectx echo.Context) error {
ctx := ectx.(*context)
2019-12-03 15:27:49 +00:00
2019-12-03 15:46:03 +00:00
var msg OutgoingMessage
if strings.ContainsRune(ctx.session.username, '@') {
msg.From = ctx.session.username
}
2019-12-03 17:41:23 +00:00
if ctx.Request().Method == http.MethodGet && ctx.Param("uid") != "" {
// This is a reply
mboxName, uid, err := parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, err)
}
partPath, err := parsePartPath(ctx.QueryParam("part"))
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, err)
}
var inReplyTo *imapMessage
var part *message.Entity
err = ctx.session.Do(func(c *imapclient.Client) error {
var err error
inReplyTo, part, err = getMessagePart(c, mboxName, uid, partPath)
return err
})
if err != nil {
return err
}
mimeType, _, err := part.Header.ContentType()
if err != nil {
return fmt.Errorf("failed to parse part Content-Type: %v", err)
}
if !strings.HasPrefix(strings.ToLower(mimeType), "text/") {
err := fmt.Errorf("cannot reply to \"%v\" part", mimeType)
return echo.NewHTTPError(http.StatusBadRequest, err)
}
msg.Text, err = quote(part.Body)
if err != nil {
return err
}
msg.InReplyTo = inReplyTo.Envelope.MessageId
// TODO: populate From from known user addresses and inReplyTo.Envelope.To
replyTo := inReplyTo.Envelope.ReplyTo
if len(replyTo) == 0 {
replyTo = inReplyTo.Envelope.From
}
if len(replyTo) > 0 {
msg.To = make([]string, len(replyTo))
for i, to := range replyTo {
msg.To[i] = to.MailboxName + "@" + to.HostName
}
}
msg.Subject = inReplyTo.Envelope.Subject
if !strings.HasPrefix(strings.ToLower(msg.Subject), "re:") {
msg.Subject = "Re: " + msg.Subject
}
}
2019-12-03 15:27:49 +00:00
if ctx.Request().Method == http.MethodPost {
msg.From = ctx.FormValue("from")
msg.To = parseAddressList(ctx.FormValue("to"))
msg.Subject = ctx.FormValue("subject")
msg.Text = ctx.FormValue("text")
msg.InReplyTo = ctx.FormValue("in_reply_to")
2019-12-03 15:27:49 +00:00
c, err := ctx.server.connectSMTP()
if err != nil {
return err
}
defer c.Close()
auth := sasl.NewPlainClient("", ctx.session.username, ctx.session.password)
if err := c.Auth(auth); err != nil {
return echo.NewHTTPError(http.StatusForbidden, err)
}
if err := sendMessage(c, &msg); err != nil {
return err
}
if err := c.Quit(); err != nil {
return fmt.Errorf("QUIT failed: %v", err)
}
// TODO: append to IMAP Sent mailbox
return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")
}
2019-12-03 15:46:03 +00:00
return ctx.Render(http.StatusOK, "compose.html", map[string]interface{}{
"Message": &msg,
})
2019-12-03 13:33:20 +00:00
}
func isPublic(path string) bool {
return path == "/login" || strings.HasPrefix(path, "/assets/") ||
strings.HasPrefix(path, "/themes/")
}
type Options struct {
IMAPURL, SMTPURL string
Theme string
}
2019-12-02 16:24:19 +00:00
func New(e *echo.Echo, options *Options) error {
s, err := newServer(options.IMAPURL, options.SMTPURL)
2019-12-02 16:24:19 +00:00
if err != nil {
return err
}
e.Renderer, err = loadTemplates(e.Logger, options.Theme)
if err != nil {
return fmt.Errorf("failed to load templates: %v", err)
2019-12-02 16:24:19 +00:00
}
2019-12-03 12:17:51 +00:00
e.HTTPErrorHandler = func(err error, c echo.Context) {
code := http.StatusInternalServerError
if he, ok := err.(*echo.HTTPError); ok {
code = he.Code
} else {
c.Logger().Error(err)
}
// TODO: hide internal errors
c.String(code, err.Error())
}
2019-12-02 16:24:19 +00:00
e.Use(func(next echo.HandlerFunc) echo.HandlerFunc {
return func(ectx echo.Context) error {
ctx := &context{Context: ectx, server: s}
cookie, err := ctx.Cookie(cookieName)
if err == http.ErrNoCookie {
2019-12-02 16:31:34 +00:00
// Require auth for all pages except /login
if isPublic(ctx.Path()) {
2019-12-02 16:31:34 +00:00
return next(ctx)
} else {
return ctx.Redirect(http.StatusFound, "/login")
}
2019-12-02 16:24:19 +00:00
} else if err != nil {
return err
}
ctx.session, err = ctx.server.imap.pool.Get(cookie.Value)
2019-12-02 16:24:19 +00:00
if err == ErrSessionExpired {
ctx.setToken("")
return ctx.Redirect(http.StatusFound, "/login")
} else if err != nil {
return err
}
return next(ctx)
}
})
2019-12-02 17:21:45 +00:00
e.GET("/mailbox/:mbox", func(ectx echo.Context) error {
2019-12-02 16:24:19 +00:00
ctx := ectx.(*context)
2019-12-02 16:31:34 +00:00
mboxName, err := url.PathUnescape(ctx.Param("mbox"))
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, err)
}
page := 0
if pageStr := ctx.QueryParam("page"); pageStr != "" {
var err error
if page, err = strconv.Atoi(pageStr); err != nil || page < 0 {
return echo.NewHTTPError(http.StatusBadRequest, "invalid page index")
}
}
var mailboxes []*imap.MailboxInfo
var msgs []imapMessage
var mbox *imap.MailboxStatus
err = ctx.session.Do(func(c *imapclient.Client) error {
var err error
if mailboxes, err = listMailboxes(c); err != nil {
return err
}
if msgs, err = listMessages(c, mboxName, page); err != nil {
return err
}
mbox = c.Mailbox()
return nil
})
2019-12-02 17:21:45 +00:00
if err != nil {
return err
}
prevPage, nextPage := -1, -1
if page > 0 {
prevPage = page - 1
}
if (page+1)*messagesPerPage < int(mbox.Messages) {
nextPage = page + 1
}
2019-12-02 17:21:45 +00:00
return ctx.Render(http.StatusOK, "mailbox.html", map[string]interface{}{
"Mailbox": mbox,
2019-12-02 16:31:34 +00:00
"Mailboxes": mailboxes,
2019-12-03 10:12:26 +00:00
"Messages": msgs,
"PrevPage": prevPage,
"NextPage": nextPage,
2019-12-02 16:31:34 +00:00
})
2019-12-02 14:31:00 +00:00
})
2019-12-02 18:53:09 +00:00
e.GET("/message/:mbox/:uid", func(ectx echo.Context) error {
ctx := ectx.(*context)
2019-12-03 12:07:25 +00:00
return handleGetPart(ctx, false)
})
e.GET("/message/:mbox/:uid/raw", func(ectx echo.Context) error {
ctx := ectx.(*context)
return handleGetPart(ctx, true)
2019-12-02 18:53:09 +00:00
})
2019-12-02 16:24:19 +00:00
e.GET("/login", handleLogin)
e.POST("/login", handleLogin)
2019-12-03 12:24:46 +00:00
e.GET("/logout", func(ectx echo.Context) error {
ctx := ectx.(*context)
err := ctx.session.Do(func(c *imapclient.Client) error {
return c.Logout()
})
if err != nil {
2019-12-03 13:48:11 +00:00
return fmt.Errorf("failed to logout: %v", err)
2019-12-03 12:24:46 +00:00
}
2019-12-03 12:24:46 +00:00
ctx.setToken("")
return ctx.Redirect(http.StatusFound, "/login")
})
2019-12-03 13:33:20 +00:00
e.GET("/compose", handleCompose)
e.POST("/compose", handleCompose)
2019-12-03 17:41:23 +00:00
e.GET("/message/:mbox/:uid/reply", handleCompose)
e.POST("/message/:mbox/:uid/reply", handleCompose)
2019-12-02 14:31:00 +00:00
e.Static("/assets", "public/assets")
e.Static("/themes", "public/themes")
2019-12-02 14:31:00 +00:00
return nil
2019-12-02 14:31:00 +00:00
}