alma/NeahStable
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
866b8fb3dc
NeahStable/app/api/courrier/account/route.ts
alma 866b8fb3dc Fondation
2026-01-17 13:44:45 +01:00

439 lines
13 KiB
TypeScript
Raw Blame History

import { NextResponse } from 'next/server';
import { getServerSession } from 'next-auth';
import { authOptions } from "@/app/api/auth/options";
import { saveUserEmailCredentials, testEmailConnection } from '@/lib/services/email-service';
import { invalidateFolderCache } from '@/lib/redis';
import { prisma } from '@/lib/prisma';
import bcrypt from 'bcryptjs';
import { logger } from '@/lib/logger';
// Define EmailCredentials interface inline since we're having import issues
interface EmailCredentials {
email: string;
password?: string;
host: string;
port: number;
secure?: boolean;
smtp_host?: string;
smtp_port?: number;
smtp_secure?: boolean;
display_name?: string;
color?: string;
}
/**
* Check if a user exists in the database
*/
async function userExists(userId: string): Promise<boolean> {
try {
const user = await prisma.user.findUnique({
where: { id: userId },
select: { id: true }
});
return !!user;
} catch (error) {
logger.error('[COURRIER_ACCOUNT] Error checking if user exists', {
error: error instanceof Error ? error.message : String(error)
});
return false;
}
}
/**
* Ensure user exists in database, creating if missing
* Uses session data from Keycloak to populate user record
*/
async function ensureUserExists(session: any): Promise<void> {
const userId = session.user.id;
const userEmail = session.user.email;
if (!userId || !userEmail) {
throw new Error('Missing required user data in session');
}
try {
// Check if user exists
const existingUser = await prisma.user.findUnique({
where: { id: userId }
});
if (existingUser) {
logger.debug('[COURRIER_ACCOUNT] User already exists', {
userIdHash: Buffer.from(userId).toString('base64').slice(0, 12),
});
return;
}
// User doesn't exist, create it
logger.debug('[COURRIER_ACCOUNT] User not found, creating from session data', {
userIdHash: Buffer.from(userId).toString('base64').slice(0, 12),
emailHash: Buffer.from(userEmail.toLowerCase()).toString('base64').slice(0, 12),
});
// Generate a temporary random password (not used for auth, Keycloak handles that)
const tempPassword = await bcrypt.hash(Math.random().toString(36).slice(-10), 10);
await prisma.user.create({
data: {
id: userId, // Use Keycloak user ID
email: userEmail,
password: tempPassword, // Temporary password (Keycloak handles authentication)
createdAt: new Date(),
updatedAt: new Date(),
}
});
logger.debug('[COURRIER_ACCOUNT] Successfully created user', {
userIdHash: Buffer.from(userId).toString('base64').slice(0, 12),
emailHash: Buffer.from(userEmail.toLowerCase()).toString('base64').slice(0, 12),
});
} catch (error) {
logger.error('[COURRIER_ACCOUNT] Error ensuring user exists', {
userIdHash: Buffer.from(userId).toString('base64').slice(0, 12),
error: error instanceof Error ? error.message : String(error)
});
// If it's a unique constraint error, user might have been created by another request
if (error instanceof Error && error.message.includes('Unique constraint')) {
logger.debug('[COURRIER_ACCOUNT] User may have been created by concurrent request', {
userIdHash: Buffer.from(userId).toString('base64').slice(0, 12),
});
return;
}
throw error;
}
}
export async function POST(request: Request) {
// Authenticate user (declare outside try to access in catch)
const session = await getServerSession(authOptions);
if (!session?.user?.id) {
return NextResponse.json(
{ error: 'Unauthorized' },
{ status: 401 }
);
}
try {
// Ensure user exists in database (create if missing)
// This handles cases where the database was reset but users still exist in Keycloak
try {
await ensureUserExists(session);
} catch (error) {
logger.error('[COURRIER_ACCOUNT] Error ensuring user exists', {
userId: session.user.id,
error: error instanceof Error ? error.message : String(error)
});
return NextResponse.json(
{
error: 'Failed to ensure user exists in database',
details: error instanceof Error ? error.message : 'Unknown error'
},
{ status: 500 }
);
}
// Parse request body
const body = await request.json().catch(e => {
logger.error('[COURRIER_ACCOUNT] Error parsing request body', {
error: e instanceof Error ? e.message : String(e)
});
return {};
});
// Log the request (but hide password)
logger.debug('[COURRIER_ACCOUNT] Adding account', {
...body,
password: body.password ? '***' : undefined,
userId: session.user.id
});
const {
email,
password,
host,
port,
secure,
smtp_host,
smtp_port,
smtp_secure,
display_name,
color
} = body;
// Validate required fields
const missingFields = [];
if (!email) missingFields.push('email');
if (!password) missingFields.push('password');
if (!host) missingFields.push('host');
if (port === undefined) missingFields.push('port');
if (missingFields.length > 0) {
logger.error('[COURRIER_ACCOUNT] Missing required fields', {
missingFields,
userId: session.user.id
});
return NextResponse.json(
{ error: `Required fields missing: ${missingFields.join(', ')}` },
{ status: 400 }
);
}
// Fix common hostname errors - strip http/https prefixes
let cleanHost = host;
if (cleanHost.startsWith('http://')) {
cleanHost = cleanHost.substring(7);
} else if (cleanHost.startsWith('https://')) {
cleanHost = cleanHost.substring(8);
}
// Create credentials object
const credentials: EmailCredentials = {
email,
password,
host: cleanHost,
port: typeof port === 'string' ? parseInt(port) : port,
secure: secure ?? true,
// Optional SMTP settings
...(smtp_host && { smtp_host }),
...(smtp_port && { smtp_port: typeof smtp_port === 'string' ? parseInt(smtp_port) : smtp_port }),
...(smtp_secure !== undefined && { smtp_secure }),
// Optional display settings
...(display_name && { display_name }),
...(color && { color })
};
// Test connection before saving
logger.debug('[COURRIER_ACCOUNT] Testing connection before saving', {
userId: session.user.id,
email: email.substring(0, 5) + '***',
host: cleanHost
});
const testResult = await testEmailConnection(credentials);
if (!testResult.imap) {
return NextResponse.json(
{ error: `Connection test failed: ${testResult.error || 'Could not connect to IMAP server'}` },
{ status: 400 }
);
}
// Save credentials to database and cache
logger.debug('[COURRIER_ACCOUNT] Saving credentials', {
userId: session.user.id,
email: email.substring(0, 5) + '***'
});
await saveUserEmailCredentials(session.user.id, email, credentials);
logger.debug('[COURRIER_ACCOUNT] Email account successfully added', {
userId: session.user.id,
email: email.substring(0, 5) + '***'
});
// Fetch the created account from the database
const createdAccount = await prisma.mailCredentials.findFirst({
where: { userId: session.user.id, email },
select: {
id: true,
email: true,
display_name: true,
color: true,
}
});
// Invalidate all folder caches for this user/account
await invalidateFolderCache(session.user.id, email, '*');
return NextResponse.json({
success: true,
account: createdAccount,
message: 'Email account added successfully'
});
} catch (error) {
logger.error('[COURRIER_ACCOUNT] Error adding email account', {
userId: session?.user?.id,
error: error instanceof Error ? error.message : String(error)
});
return NextResponse.json(
{
error: 'Failed to add email account',
details: error instanceof Error ? error.message : 'Unknown error'
},
{ status: 500 }
);
}
}
export async function DELETE(request: Request) {
// Authenticate user (declare outside try to access in catch)
const session = await getServerSession(authOptions);
if (!session?.user?.id) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
try {
const { searchParams } = new URL(request.url);
const accountId = searchParams.get('accountId');
if (!accountId) {
return NextResponse.json({ error: 'Missing accountId' }, { status: 400 });
}
// Find the account
const account = await prisma.mailCredentials.findFirst({
where: { id: accountId, userId: session.user.id },
});
if (!account) {
return NextResponse.json({ error: 'Account not found' }, { status: 404 });
}
// Find all calendar sync configs linked to this mail credential
const syncConfigs = await prisma.calendarSync.findMany({
where: {
mailCredentialId: accountId,
},
include: {
calendar: true,
},
});
// Delete calendars and sync configs associated with this account
// This prevents orphaned calendars when a mail account is deleted
for (const syncConfig of syncConfigs) {
logger.debug('[COURRIER_ACCOUNT] Deleting calendar associated with deleted account', {
calendarId: syncConfig.calendar.id,
calendarName: syncConfig.calendar.name,
accountEmail: account.email.substring(0, 5) + '***'
});
// Delete the calendar (events will be cascade deleted)
await prisma.calendar.delete({
where: { id: syncConfig.calendarId },
});
// Sync config is already deleted by cascade, but we can also delete it explicitly
try {
await prisma.calendarSync.delete({
where: { id: syncConfig.id },
});
} catch (error) {
// Ignore if already deleted by cascade
}
}
// Delete from database
await prisma.mailCredentials.delete({ where: { id: accountId } });
// Invalidate cache
await invalidateFolderCache(session.user.id, account.email, '*');
// Invalidate calendar cache for this user
try {
const { invalidateCalendarCache } = await import('@/lib/redis');
await invalidateCalendarCache(session.user.id);
} catch (error) {
logger.error('[COURRIER_ACCOUNT] Error invalidating calendar cache', {
userId: session.user.id,
error: error instanceof Error ? error.message : String(error)
});
}
return NextResponse.json({
success: true,
message: 'Account deleted',
deletedCalendars: syncConfigs.length,
});
} catch (error) {
logger.error('[COURRIER_ACCOUNT] Error deleting account', {
userId: session?.user?.id,
error: error instanceof Error ? error.message : String(error)
});
return NextResponse.json({ error: 'Failed to delete account', details: error instanceof Error ? error.message : 'Unknown error' }, { status: 500 });
}
}
export async function PATCH(request: Request) {
// Authenticate user (declare outside try to access in catch)
const session = await getServerSession(authOptions);
if (!session?.user?.id) {
return NextResponse.json(
{ error: 'Unauthorized' },
{ status: 401 }
);
}
try {
// Parse request body
const body = await request.json();
const { accountId, newPassword, display_name, color } = body;
if (!accountId) {
return NextResponse.json(
{ error: 'Account ID is required' },
{ status: 400 }
);
}
// Check if at least one of the fields is provided
if (!newPassword && !display_name && !color) {
return NextResponse.json(
{ error: 'At least one field to update is required' },
{ status: 400 }
);
}
// Verify the account belongs to the user
const account = await prisma.mailCredentials.findFirst({
where: {
id: accountId,
userId: session.user.id
}
});
if (!account) {
return NextResponse.json(
{ error: 'Account not found' },
{ status: 404 }
);
}
// Build update data object
const updateData: any = {};
// Add password if provided
if (newPassword) {
updateData.password = newPassword;
}
// Add display_name if provided
if (display_name !== undefined) {
updateData.display_name = display_name;
}
// Add color if provided
if (color) {
updateData.color = color;
}
// Update the account
await prisma.mailCredentials.update({
where: { id: accountId },
data: updateData
});
return NextResponse.json({
success: true,
message: 'Account updated successfully'
});
} catch (error) {
logger.error('[COURRIER_ACCOUNT] Error updating account', {
userId: session?.user?.id,
error: error instanceof Error ? error.message : String(error)
});
return NextResponse.json(
{
error: 'Failed to update account',
details: error instanceof Error ? error.message : 'Unknown error'
},
{ status: 500 }
);
}
}
Reference in New Issue View Git Blame Copy Permalink