Add option to specify mail providers which are not supported

2025-10-03 09:49:32 +02:00 · 2019-09-09 00:00:00 +00:00 · 2019-09-09 00:00:00 +00:00 · 5987583ca3
commit 5987583ca3
parent a7533b7864
3 changed files with 34 additions and 0 deletions
--- a/Readme.md
+++ b/Readme.md
@ -57,3 +57,6 @@ This fixes the causes of lint warnings (where possible).
 - ADMIN_TOKEN
  - a password which allows to use some APIs
  - admin APIs are disabled when this is not set
+- MAIL_SERVER_BLACKLIST
+  - list of domains, separated by comma
+  - if the user tries to use such a mail service, then he will get the notification that this provider is not supported
--- a/src/api/auth.ts
+++ b/src/api/auth.ts
@ -24,6 +24,7 @@ import {
  isSendMailLoginCodeRequest,
  isSignInByMailCodeRequest
 } from './validator'
+import { isMailServerBlacklisted } from '../util/mail'

 export const createAuthRouter = (database: Database) => {
  const router = Router()
@ -46,6 +47,28 @@ export const createAuthRouter = (database: Database) => {
    }
  })

+  router.post('/send-mail-login-code-v2', json(), async (req, res, next) => {
+    try {
+      if (!isSendMailLoginCodeRequest(req.body)) {
+        throw new BadRequest()
+      }
+
+      if (isMailServerBlacklisted(req.body.mail)) {
+        res.json({ mailServerBlacklisted: true })
+      } else {
+        const { mailLoginToken } = await sendLoginCode({
+          mail: req.body.mail,
+          locale: req.body.locale,
+          database
+        })
+
+        res.json({ mailLoginToken })
+      }
+    } catch (ex) {
+      next(ex)
+    }
+  })
+
  router.post('/sign-in-by-mail-code', json(), async (req, res, next) => {
    try {
      if (!isSignInByMailCodeRequest(req.body)) {
--- a/src/util/mail.ts
+++ b/src/util/mail.ts
@ -19,6 +19,7 @@ import * as Email from 'email-templates'
 import { join } from 'path'

 const mailimprint = process.env.MAIL_IMPRINT || 'not defined'
+const mailServerBlacklist = (process.env.MAIL_SERVER_BLACKLIST || '').split(',').filter((item) => !!item)

 const email = new Email({
  message: {
@ -81,3 +82,10 @@ export const sendUninstallWarningMail = async ({ receiver, deviceName }: {
    }
  })
 }
+
+export function isMailServerBlacklisted(mail: string) {
+  const parts = mail.split('@')
+  const domain = parts[parts.length - 1]
+
+  return mailServerBlacklist.indexOf(domain.toLowerCase()) !== -1
+}