wieerwill/platform
1
0
Fork 0
mirror of https://github.com/hcengineering/platform.git synced 2025-04-17 05:47:32 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

use api-key in mail service (#8257)

Browse Source 
Signed-off-by: Nikolay Chunosov <Chunosov.N@gmail.com>
This commit is contained in:
Chunosov 2025-03-18 11:01:45 +07:00 committed by GitHub
parent b531cf2cce
commit 31b54bb039
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
services/mail/pod-mail/README.md
View File

@ -9,6 +9,7 @@ It supports sending emails with multiple recipients, along with optional CC, BCC
Environment variables should be set to configure the Mail Service: Environment variables should be set to configure the Mail Service:
- `PORT`: The port on which the mail service listens for incoming HTTP requests. - `PORT`: The port on which the mail service listens for incoming HTTP requests.
- `API_KEY`: An API key that clients must pass. The parameter is optional, should be provided when external access to the service is allowed.
Settings for SMTP or SES email service should be specified, simultaneous use of both protocols is not supported Settings for SMTP or SES email service should be specified, simultaneous use of both protocols is not supported
@ -53,6 +54,8 @@ Send an email message.
- `subject`: Required. String containing the email subject. - `subject`: Required. String containing the email subject.
- `html`: Optional. String containing HTML message body. - `html`: Optional. String containing HTML message body.
- `from`: Optional. Sender's email address. - `from`: Optional. Sender's email address.
- `headers`: Optional. An object or array of additional header fields.
- `apiKey`: Required if the service started with `API_KEY`.
- `attachments`: Optional. Array of objects, each object can have the following fields: - `attachments`: Optional. Array of objects, each object can have the following fields:
- `filename`: Filename to be reported as the name of the attached file. Use of unicode is allowed. - `filename`: Filename to be reported as the name of the attached file. Use of unicode is allowed.
- `contentType`: Optional. Content type for the attachment, if not set will be derived from the filename property. - `contentType`: Optional. Content type for the attachment, if not set will be derived from the filename property.

10
services/mail/pod-mail/src/main.ts
View File

@ -55,8 +55,11 @@ export const main = async (): Promise<void> => {
} }
export async function handleSendMail (client: MailClient, req: Request, res: Response): Promise<void> { export async function handleSendMail (client: MailClient, req: Request, res: Response): Promise<void> {
// Skip auth check, since service should be internal const { from, to, subject, text, html, attachments, headers, apiKey } = req.body
const { from, to, subject, text, html, attachments } = req.body if (process.env.API_KEY !== undefined && process.env.API_KEY !== apiKey) {
res.status(401).send({ err: 'Unauthorized' })
return
}
const fromAddress = from ?? config.source const fromAddress = from ?? config.source
if (text === undefined) { if (text === undefined) {
res.status(400).send({ err: "'text' is missing" }) res.status(400).send({ err: "'text' is missing" })
@ -83,6 +86,9 @@ export async function handleSendMail (client: MailClient, req: Request, res: Res
if (html !== undefined) { if (html !== undefined) {
message.html = html message.html = html
} }
if (headers !== undefined) {
message.headers = headers
}
if (attachments !== undefined) { if (attachments !== undefined) {
message.attachments = getAttachments(attachments) message.attachments = getAttachments(attachments)
} }