loop
/
alps
1
0
Разклонения 0
Код Задачи 0 Заявки за сливане 0 Версии 0 Уики Activity
A webmail client. Forked from https://git.sr.ht/~migadu/alps
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
126 Ревизии
1 Клон
708 KiB
 
 
 
 
ИН на ревизия: efaf6fd444
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
от 'efaf6fd444'
${ noResults }
alps/plugins/base/routes.go

497 lines
13 KiB
Директен файл Blame История 

  1. package koushinbase

  2. 

  3. import (

  4. 	"fmt"

  5. 	"io/ioutil"

  6. 	"mime"

  7. 	"net/http"

  8. 	"net/url"

  9. 	"strconv"

  10. 	"strings"

  11. 

  12. 	"git.sr.ht/~emersion/koushin"

  13. 	"github.com/emersion/go-imap"

  14. 	imapmove "github.com/emersion/go-imap-move"

  15. 	imapclient "github.com/emersion/go-imap/client"

  16. 	"github.com/emersion/go-message"

  17. 	"github.com/emersion/go-smtp"

  18. 	"github.com/labstack/echo/v4"

  19. 	"github.com/microcosm-cc/bluemonday"

  20. )

  21. 

  22. func registerRoutes(p *koushin.GoPlugin) {

  23. 	p.GET("/", func(ctx *koushin.Context) error {

  24. 		return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")

  25. 	})

  26. 

  27. 	p.GET("/mailbox/:mbox", handleGetMailbox)

  28. 	p.POST("/mailbox/:mbox", handleGetMailbox)

  29. 

  30. 	p.GET("/message/:mbox/:uid", func(ctx *koushin.Context) error {

  31. 		return handleGetPart(ctx, false)

  32. 	})

  33. 	p.GET("/message/:mbox/:uid/raw", func(ctx *koushin.Context) error {

  34. 		return handleGetPart(ctx, true)

  35. 	})

  36. 

  37. 	p.GET("/login", handleLogin)

  38. 	p.POST("/login", handleLogin)

  39. 

  40. 	p.GET("/logout", handleLogout)

  41. 

  42. 	p.GET("/compose", handleCompose)

  43. 	p.POST("/compose", handleCompose)

  44. 

  45. 	p.GET("/message/:mbox/:uid/reply", handleCompose)

  46. 	p.POST("/message/:mbox/:uid/reply", handleCompose)

  47. 

  48. 	p.POST("/message/:mbox/:uid/move", handleMove)

  49. 

  50. 	p.POST("/message/:mbox/:uid/delete", handleDelete)

  51. 

  52. 	p.POST("/message/:mbox/:uid/flag", handleSetFlags)

  53. }

  54. 

  55. type MailboxRenderData struct {

  56. 	koushin.BaseRenderData

  57. 	Mailbox            *imap.MailboxStatus

  58. 	Mailboxes          []*imap.MailboxInfo

  59. 	Messages           []IMAPMessage

  60. 	PrevPage, NextPage int

  61. 	Query              string

  62. }

  63. 

  64. func handleGetMailbox(ctx *koushin.Context) error {

  65. 	mboxName, err := url.PathUnescape(ctx.Param("mbox"))

  66. 	if err != nil {

  67. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  68. 	}

  69. 

  70. 	page := 0

  71. 	if pageStr := ctx.QueryParam("page"); pageStr != "" {

  72. 		var err error

  73. 		if page, err = strconv.Atoi(pageStr); err != nil || page < 0 {

  74. 			return echo.NewHTTPError(http.StatusBadRequest, "invalid page index")

  75. 		}

  76. 	}

  77. 

  78. 	query := ctx.QueryParam("query")

  79. 

  80. 	var mailboxes []*imap.MailboxInfo

  81. 	var msgs []IMAPMessage

  82. 	var mbox *imap.MailboxStatus

  83. 	var total int

  84. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  85. 		var err error

  86. 		if mailboxes, err = listMailboxes(c); err != nil {

  87. 			return err

  88. 		}

  89. 		if query != "" {

  90. 			msgs, total, err = searchMessages(c, mboxName, query, page)

  91. 		} else {

  92. 			msgs, err = listMessages(c, mboxName, page)

  93. 		}

  94. 		if err != nil {

  95. 			return err

  96. 		}

  97. 		mbox = c.Mailbox()

  98. 		return nil

  99. 	})

  100. 	if err != nil {

  101. 		return err

  102. 	}

  103. 

  104. 	prevPage, nextPage := -1, -1

  105. 	if query != "" {

  106. 		if page > 0 {

  107. 			prevPage = page - 1

  108. 		}

  109. 		if (page+1)*messagesPerPage <= total {

  110. 			nextPage = page + 1

  111. 		}

  112. 	} else {

  113. 		if page > 0 {

  114. 			prevPage = page - 1

  115. 		}

  116. 		if (page+1)*messagesPerPage < int(mbox.Messages) {

  117. 			nextPage = page + 1

  118. 		}

  119. 	}

  120. 

  121. 	return ctx.Render(http.StatusOK, "mailbox.html", &MailboxRenderData{

  122. 		BaseRenderData: *koushin.NewBaseRenderData(ctx),

  123. 		Mailbox:        mbox,

  124. 		Mailboxes:      mailboxes,

  125. 		Messages:       msgs,

  126. 		PrevPage:       prevPage,

  127. 		NextPage:       nextPage,

  128. 		Query:          query,

  129. 	})

  130. }

  131. 

  132. func handleLogin(ctx *koushin.Context) error {

  133. 	username := ctx.FormValue("username")

  134. 	password := ctx.FormValue("password")

  135. 	if username != "" && password != "" {

  136. 		s, err := ctx.Server.Sessions.Put(username, password)

  137. 		if err != nil {

  138. 			if _, ok := err.(koushin.AuthError); ok {

  139. 				return ctx.Render(http.StatusOK, "login.html", nil)

  140. 			}

  141. 			return fmt.Errorf("failed to put connection in pool: %v", err)

  142. 		}

  143. 		ctx.SetSession(s)

  144. 

  145. 		if path := ctx.QueryParam("next"); path != "" && path[0] == '/' && path != "/login" {

  146. 			return ctx.Redirect(http.StatusFound, path)

  147. 		}

  148. 		return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")

  149. 	}

  150. 

  151. 	return ctx.Render(http.StatusOK, "login.html", koushin.NewBaseRenderData(ctx))

  152. }

  153. 

  154. func handleLogout(ctx *koushin.Context) error {

  155. 	ctx.Session.Close()

  156. 	ctx.SetSession(nil)

  157. 	return ctx.Redirect(http.StatusFound, "/login")

  158. }

  159. 

  160. type MessageRenderData struct {

  161. 	koushin.BaseRenderData

  162. 	Mailboxes   []*imap.MailboxInfo

  163. 	Mailbox     *imap.MailboxStatus

  164. 	Message     *IMAPMessage

  165. 	Body        string

  166. 	IsHTML      bool

  167. 	PartPath    string

  168. 	MailboxPage int

  169. 	Flags       map[string]bool

  170. }

  171. 

  172. func handleGetPart(ctx *koushin.Context, raw bool) error {

  173. 	mboxName, uid, err := parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))

  174. 	if err != nil {

  175. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  176. 	}

  177. 	partPathString := ctx.QueryParam("part")

  178. 	partPath, err := parsePartPath(partPathString)

  179. 	if err != nil {

  180. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  181. 	}

  182. 

  183. 	var mailboxes []*imap.MailboxInfo

  184. 	var msg *IMAPMessage

  185. 	var part *message.Entity

  186. 	var mbox *imap.MailboxStatus

  187. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  188. 		var err error

  189. 		if mailboxes, err = listMailboxes(c); err != nil {

  190. 			return err

  191. 		}

  192. 		if msg, part, err = getMessagePart(c, mboxName, uid, partPath); err != nil {

  193. 			return err

  194. 		}

  195. 		mbox = c.Mailbox()

  196. 		return nil

  197. 	})

  198. 	if err != nil {

  199. 		return err

  200. 	}

  201. 

  202. 	mimeType, _, err := part.Header.ContentType()

  203. 	if err != nil {

  204. 		return fmt.Errorf("failed to parse part Content-Type: %v", err)

  205. 	}

  206. 	if len(partPath) == 0 {

  207. 		mimeType = "message/rfc822"

  208. 	}

  209. 

  210. 	if raw {

  211. 		ctx.Response().Header().Set("Content-Type", mimeType)

  212. 

  213. 		disp, dispParams, _ := part.Header.ContentDisposition()

  214. 		filename := dispParams["filename"]

  215. 		if len(partPath) == 0 {

  216. 			filename = msg.Envelope.Subject + ".eml"

  217. 		}

  218. 

  219. 		// TODO: set Content-Length if possible

  220. 

  221. 		// Be careful not to serve types like text/html as inline

  222. 		if !strings.EqualFold(mimeType, "text/plain") || strings.EqualFold(disp, "attachment") {

  223. 			dispParams := make(map[string]string)

  224. 			if filename != "" {

  225. 				dispParams["filename"] = filename

  226. 			}

  227. 			disp := mime.FormatMediaType("attachment", dispParams)

  228. 			ctx.Response().Header().Set("Content-Disposition", disp)

  229. 		}

  230. 

  231. 		if len(partPath) == 0 {

  232. 			return part.WriteTo(ctx.Response())

  233. 		} else {

  234. 			return ctx.Stream(http.StatusOK, mimeType, part.Body)

  235. 		}

  236. 	}

  237. 

  238. 	var body string

  239. 	if strings.HasPrefix(strings.ToLower(mimeType), "text/") {

  240. 		b, err := ioutil.ReadAll(part.Body)

  241. 		if err != nil {

  242. 			return fmt.Errorf("failed to read part body: %v", err)

  243. 		}

  244. 		body = string(b)

  245. 	}

  246. 

  247. 	isHTML := false

  248. 	if strings.EqualFold(mimeType, "text/html") {

  249. 		p := bluemonday.UGCPolicy()

  250. 		// TODO: be more strict

  251. 		p.AllowElements("style")

  252. 		p.AllowAttrs("style")

  253. 		p.AddTargetBlankToFullyQualifiedLinks(true)

  254. 		body = p.Sanitize(body)

  255. 		isHTML = true

  256. 	}

  257. 

  258. 	flags := make(map[string]bool)

  259. 	for _, f := range mbox.PermanentFlags {

  260. 		f = imap.CanonicalFlag(f)

  261. 		if f == imap.TryCreateFlag {

  262. 			continue

  263. 		}

  264. 		flags[f] = msg.HasFlag(f)

  265. 	}

  266. 

  267. 	return ctx.Render(http.StatusOK, "message.html", &MessageRenderData{

  268. 		BaseRenderData: *koushin.NewBaseRenderData(ctx),

  269. 		Mailboxes:      mailboxes,

  270. 		Mailbox:        mbox,

  271. 		Message:        msg,

  272. 		Body:           body,

  273. 		IsHTML:         isHTML,

  274. 		PartPath:       partPathString,

  275. 		MailboxPage:    int(mbox.Messages-msg.SeqNum) / messagesPerPage,

  276. 		Flags:          flags,

  277. 	})

  278. }

  279. 

  280. type ComposeRenderData struct {

  281. 	koushin.BaseRenderData

  282. 	Message *OutgoingMessage

  283. }

  284. 

  285. func handleCompose(ctx *koushin.Context) error {

  286. 	var msg OutgoingMessage

  287. 	if strings.ContainsRune(ctx.Session.Username(), '@') {

  288. 		msg.From = ctx.Session.Username()

  289. 	}

  290. 

  291. 	msg.To = strings.Split(ctx.QueryParam("to"), ",")

  292. 	msg.Subject = ctx.QueryParam("subject")

  293. 	msg.Text = ctx.QueryParam("body")

  294. 	msg.InReplyTo = ctx.QueryParam("in-reply-to")

  295. 

  296. 	if ctx.Request().Method == http.MethodGet && ctx.Param("uid") != "" {

  297. 		// This is a reply

  298. 		mboxName, uid, err := parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))

  299. 		if err != nil {

  300. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  301. 		}

  302. 		partPath, err := parsePartPath(ctx.QueryParam("part"))

  303. 		if err != nil {

  304. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  305. 		}

  306. 

  307. 		var inReplyTo *IMAPMessage

  308. 		var part *message.Entity

  309. 		err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  310. 			var err error

  311. 			inReplyTo, part, err = getMessagePart(c, mboxName, uid, partPath)

  312. 			return err

  313. 		})

  314. 		if err != nil {

  315. 			return err

  316. 		}

  317. 

  318. 		mimeType, _, err := part.Header.ContentType()

  319. 		if err != nil {

  320. 			return fmt.Errorf("failed to parse part Content-Type: %v", err)

  321. 		}

  322. 

  323. 		if !strings.HasPrefix(strings.ToLower(mimeType), "text/") {

  324. 			err := fmt.Errorf("cannot reply to \"%v\" part", mimeType)

  325. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  326. 		}

  327. 

  328. 		msg.Text, err = quote(part.Body)

  329. 		if err != nil {

  330. 			return err

  331. 		}

  332. 

  333. 		msg.InReplyTo = inReplyTo.Envelope.MessageId

  334. 		// TODO: populate From from known user addresses and inReplyTo.Envelope.To

  335. 		replyTo := inReplyTo.Envelope.ReplyTo

  336. 		if len(replyTo) == 0 {

  337. 			replyTo = inReplyTo.Envelope.From

  338. 		}

  339. 		if len(replyTo) > 0 {

  340. 			msg.To = make([]string, len(replyTo))

  341. 			for i, to := range replyTo {

  342. 				msg.To[i] = to.Address()

  343. 			}

  344. 		}

  345. 		msg.Subject = inReplyTo.Envelope.Subject

  346. 		if !strings.HasPrefix(strings.ToLower(msg.Subject), "re:") {

  347. 			msg.Subject = "Re: " + msg.Subject

  348. 		}

  349. 	}

  350. 

  351. 	if ctx.Request().Method == http.MethodPost {

  352. 		msg.From = ctx.FormValue("from")

  353. 		msg.To = parseAddressList(ctx.FormValue("to"))

  354. 		msg.Subject = ctx.FormValue("subject")

  355. 		msg.Text = ctx.FormValue("text")

  356. 		msg.InReplyTo = ctx.FormValue("in_reply_to")

  357. 

  358. 		form, err := ctx.MultipartForm()

  359. 		if err != nil {

  360. 			return fmt.Errorf("failed to get multipart form: %v", err)

  361. 		}

  362. 		msg.Attachments = form.File["attachments"]

  363. 

  364. 		err = ctx.Session.DoSMTP(func(c *smtp.Client) error {

  365. 			return sendMessage(c, &msg)

  366. 		})

  367. 		if err != nil {

  368. 			if _, ok := err.(koushin.AuthError); ok {

  369. 				return echo.NewHTTPError(http.StatusForbidden, err)

  370. 			}

  371. 			return err

  372. 		}

  373. 

  374. 		// TODO: append to IMAP Sent mailbox

  375. 		// TODO: add \Answered flag to original IMAP message

  376. 

  377. 		return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")

  378. 	}

  379. 

  380. 	return ctx.Render(http.StatusOK, "compose.html", &ComposeRenderData{

  381. 		BaseRenderData: *koushin.NewBaseRenderData(ctx),

  382. 		Message:        &msg,

  383. 	})

  384. }

  385. 

  386. func handleMove(ctx *koushin.Context) error {

  387. 	mboxName, uid, err := parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))

  388. 	if err != nil {

  389. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  390. 	}

  391. 

  392. 	to := ctx.FormValue("to")

  393. 

  394. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  395. 		mc := imapmove.NewClient(c)

  396. 

  397. 		if err := ensureMailboxSelected(c, mboxName); err != nil {

  398. 			return err

  399. 		}

  400. 

  401. 		var seqSet imap.SeqSet

  402. 		seqSet.AddNum(uid)

  403. 		if err := mc.UidMoveWithFallback(&seqSet, to); err != nil {

  404. 			return fmt.Errorf("failed to move message: %v", err)

  405. 		}

  406. 

  407. 		// TODO: get the UID of the message in the destination mailbox with UIDPLUS

  408. 		return nil

  409. 	})

  410. 	if err != nil {

  411. 		return err

  412. 	}

  413. 

  414. 	return ctx.Redirect(http.StatusFound, fmt.Sprintf("/mailbox/%v", url.PathEscape(to)))

  415. }

  416. 

  417. func handleDelete(ctx *koushin.Context) error {

  418. 	mboxName, uid, err := parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))

  419. 	if err != nil {

  420. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  421. 	}

  422. 

  423. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  424. 		if err := ensureMailboxSelected(c, mboxName); err != nil {

  425. 			return err

  426. 		}

  427. 

  428. 		var seqSet imap.SeqSet

  429. 		seqSet.AddNum(uid)

  430. 

  431. 		item := imap.FormatFlagsOp(imap.AddFlags, true)

  432. 		flags := []interface{}{imap.DeletedFlag}

  433. 		if err := c.UidStore(&seqSet, item, flags, nil); err != nil {

  434. 			return fmt.Errorf("failed to add deleted flag: %v", err)

  435. 		}

  436. 

  437. 		if err := c.Expunge(nil); err != nil {

  438. 			return fmt.Errorf("failed to expunge mailbox: %v", err)

  439. 		}

  440. 

  441. 		// Deleting a message invalidates our cached message count

  442. 		// TODO: listen to async updates instead

  443. 		if _, err := c.Select(mboxName, false); err != nil {

  444. 			return fmt.Errorf("failed to select mailbox: %v", err)

  445. 		}

  446. 

  447. 		return nil

  448. 	})

  449. 	if err != nil {

  450. 		return err

  451. 	}

  452. 

  453. 	return ctx.Redirect(http.StatusFound, fmt.Sprintf("/mailbox/%v", url.PathEscape(mboxName)))

  454. }

  455. 

  456. func handleSetFlags(ctx *koushin.Context) error {

  457. 	mboxName, uid, err := parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))

  458. 	if err != nil {

  459. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  460. 	}

  461. 

  462. 	form, err := ctx.FormParams()

  463. 	if err != nil {

  464. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  465. 	}

  466. 	flags, ok := form["flags"]

  467. 	if !ok {

  468. 		return echo.NewHTTPError(http.StatusBadRequest, "missing 'flags' form values")

  469. 	}

  470. 

  471. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  472. 		if err := ensureMailboxSelected(c, mboxName); err != nil {

  473. 			return err

  474. 		}

  475. 

  476. 		var seqSet imap.SeqSet

  477. 		seqSet.AddNum(uid)

  478. 

  479. 		storeItems := make([]interface{}, len(flags))

  480. 		for i, f := range flags {

  481. 			storeItems[i] = f

  482. 		}

  483. 

  484. 		item := imap.FormatFlagsOp(imap.SetFlags, true)

  485. 		if err := c.UidStore(&seqSet, item, storeItems, nil); err != nil {

  486. 			return fmt.Errorf("failed to add deleted flag: %v", err)

  487. 		}

  488. 

  489. 		return nil

  490. 	})

  491. 	if err != nil {

  492. 		return err

  493. 	}

  494. 

  495. 	return ctx.Redirect(http.StatusFound, fmt.Sprintf("/message/%v/%v", url.PathEscape(mboxName), uid))

  496. }