feat: Implement SMTP email service client (#141)

* feat: Implement SMTP email service client

* chore: Apply review suggestions

Author: kzalys

app.env.example

@@ -15,4 +15,14 @@ MONGO_USER=hs_auth
 MONGO_PASSWORD=password123
 
 JWT_SECRET="very secret phrase"
+
+# Only required if AppConfig is configured to use SendGrid
+# as the email delivery service
 SENDGRID_API_KEY=sumkey
+
+# Only required if AppConfig is configured to use SMTP
+# as the email delivery service
+SMTP_USERNAME=username
+SMTP_PASSWORD=password
+SMTP_HOST=smtp.service
+SMTP_PORT=1111

config/base.yaml

@@ -1,6 +1,7 @@
 # Store non-sensitive project configuration here
 name: "Hacker Suite - Auth"
 email:
+  email_delivery_provider: "smtp"
   noreply_email_addr: "[email protected]"
   help_email_addr: "[email protected]"
   noreply_email_name: "UniCS"

config/config.go

@@ -3,6 +3,7 @@ package config
 import (
 	"github.com/unicsmcr/hs_auth/config/role"
 	"github.com/unicsmcr/hs_auth/environment"
+	"github.com/unicsmcr/hs_auth/services/multiplexers/types"
 	"go.uber.org/config"
 )
 
@@ -16,12 +17,14 @@ var (
 
 // EmailConfig stores the configuration to be used by the email service
 type EmailConfig struct {
-	HelpEmailAddr              string `yaml:"help_email_addr"`
-	NoreplyEmailAddr           string `yaml:"noreply_email_addr"`
-	NoreplyEmailName           string `yaml:"noreply_email_name"`
-	EmailVerificationEmailSubj string `yaml:"email_verification_email_subj"`
-	PasswordResetEmailSubj     string `yaml:"password_reset_email_subj"`
-	TokenLifetime              int64  `yaml:"token_lifetime"`
+	// Specifies what service is used for email delivery. Currently supported options: smtp, sendgrid
+	EmailDeliveryProvider      types.EmailDeliveryProvider `yaml:"email_delivery_provider"`
+	HelpEmailAddr              string                      `yaml:"help_email_addr"`
+	NoreplyEmailAddr           string                      `yaml:"noreply_email_addr"`
+	NoreplyEmailName           string                      `yaml:"noreply_email_name"`
+	EmailVerificationEmailSubj string                      `yaml:"email_verification_email_subj"`
+	PasswordResetEmailSubj     string                      `yaml:"password_reset_email_subj"`
+	TokenLifetime              int64                       `yaml:"token_lifetime"`
 }
 
 // AuthConfig stores the configuration to be used by the auth system V2

config/development.yaml

@@ -3,6 +3,8 @@ name: "Hacker Suite - Auth (dev)"
 app_url: "localhost:8000"
 domain_name: "localhost"
 use_secure_cookies: false
+email:
+  email_delivery_provider: "sendgrid"
 auth:
   default_role: "applicant"
   email_verification_required: false

environment/environment.go

@@ -19,6 +19,10 @@ const (
 	MongoPassword  = "MONGO_PASSWORD"
 	JWTSecret      = "JWT_SECRET"
 	SendgridAPIKey = "SENDGRID_API_KEY"
+	SMTPUsername   = "SMTP_USERNAME"
+	SMTPPassword   = "SMTP_PASSWORD"
+	SMTPHost       = "SMTP_HOST"
+	SMTPPort       = "SMTP_PORT"
 )
 
 // NewEnv creates an Env with loaded environment variables
@@ -33,6 +37,10 @@ func NewEnv(logger *zap.Logger) *Env {
 			MongoPassword:  valueOfEnvVar(logger, MongoPassword),
 			JWTSecret:      valueOfEnvVar(logger, JWTSecret),
 			SendgridAPIKey: valueOfEnvVar(logger, SendgridAPIKey),
+			SMTPUsername:   valueOfEnvVar(logger, SMTPUsername),
+			SMTPPassword:   valueOfEnvVar(logger, SMTPPassword),
+			SMTPHost:       valueOfEnvVar(logger, SMTPHost),
+			SMTPPort:       valueOfEnvVar(logger, SMTPPort),
 		},
 	}
 	return &env

environment/environment_test.go

@@ -18,6 +18,10 @@ func Test_NewEnv__should_return_correct_env(t *testing.T) {
 		MongoPassword:  "testmongopassword",
 		JWTSecret:      "testsecret",
 		SendgridAPIKey: "testkey",
+		SMTPUsername:   "testsmtpusername",
+		SMTPPassword:   "testsmtppassword",
+		SMTPHost:       "testsmtphost",
+		SMTPPort:       "testsmtpport",
 	}
 
 	restoreVars := testutils.SetEnvVars(vars)
@@ -41,6 +45,10 @@ func Test_Get__should_return_correct_value(t *testing.T) {
 			MongoPassword:  "testmongopassword",
 			JWTSecret:      "testsecret",
 			SendgridAPIKey: "testkey",
+			SMTPUsername:   "testsmtpusername",
+			SMTPPassword:   "testsmtppassword",
+			SMTPHost:       "testsmtphost",
+			SMTPPort:       "testsmtpport",
 		},
 	}
 
@@ -85,9 +93,29 @@ func Test_Get__should_return_correct_value(t *testing.T) {
 			args: JWTSecret,
 		},
 		{
-			name: JWTSecret,
-			want: env.vars[JWTSecret],
-			args: JWTSecret,
+			name: SendgridAPIKey,
+			want: env.vars[SendgridAPIKey],
+			args: SendgridAPIKey,
+		},
+		{
+			name: SMTPUsername,
+			want: env.vars[SMTPUsername],
+			args: SMTPUsername,
+		},
+		{
+			name: SMTPPassword,
+			want: env.vars[SMTPPassword],
+			args: SMTPPassword,
+		},
+		{
+			name: SMTPHost,
+			want: env.vars[SMTPHost],
+			args: SMTPHost,
+		},
+		{
+			name: SMTPPort,
+			want: env.vars[SMTPPort],
+			args: SMTPPort,
 		},
 	}
 

services/multiplexers/multiplexers.go

@@ -0,0 +1,30 @@
+package multiplexers
+
+import (
+	"fmt"
+	"github.com/pkg/errors"
+	sendgridgo "github.com/sendgrid/sendgrid-go"
+	authV2 "github.com/unicsmcr/hs_auth/authorization/v2"
+	"github.com/unicsmcr/hs_auth/config"
+	"github.com/unicsmcr/hs_auth/environment"
+	"github.com/unicsmcr/hs_auth/services"
+	"github.com/unicsmcr/hs_auth/services/multiplexers/types"
+	v2 "github.com/unicsmcr/hs_auth/services/sendgrid/v2"
+	smtplib "github.com/unicsmcr/hs_auth/services/smtp"
+	"github.com/unicsmcr/hs_auth/utils"
+)
+
+// NewEmailServiceV2 returns an email service client that uses either Sendgrid or SMTP for email delivery.
+// The email delivery service is specified by the AppConfig.Email.EmailDeliveryProvider field
+func NewEmailServiceV2(cfg *config.AppConfig, env *environment.Env, smtpClient utils.SMTPClient,
+	sendGridClient *sendgridgo.Client, userService services.UserService, authorizer authV2.Authorizer,
+	timeProvider utils.TimeProvider) (services.EmailServiceV2, error) {
+	switch cfg.Email.EmailDeliveryProvider {
+	case types.SMTP:
+		return smtplib.NewSMPTEmailService(cfg, env, smtpClient, userService, authorizer, timeProvider)
+	case types.SendGrid:
+		return v2.NewSendgridEmailServiceV2(cfg, env, sendGridClient, userService, authorizer, timeProvider)
+	default:
+		return nil, errors.New(fmt.Sprintf("email delivery provider %s is invalid", cfg.Email.EmailDeliveryProvider))
+	}
+}

services/multiplexers/multiplexers_test.go

@@ -0,0 +1,17 @@
+package multiplexers
+
+import (
+	"github.com/stretchr/testify/assert"
+	"github.com/unicsmcr/hs_auth/config"
+	"testing"
+)
+
+func Test_NewEmailServiceV2__returns_err_when_email_delivery_provider_not_valid(t *testing.T) {
+	_, err := NewEmailServiceV2(&config.AppConfig{
+		Email: config.EmailConfig{
+			EmailDeliveryProvider: "invalid provider",
+		},
+	}, nil, nil, nil, nil, nil, nil)
+
+	assert.Error(t, err)
+}

services/multiplexers/types/types.go

@@ -0,0 +1,8 @@
+package types
+
+type EmailDeliveryProvider string
+
+const (
+	SMTP     EmailDeliveryProvider = "smtp"
+	SendGrid EmailDeliveryProvider = "sendgrid"
+)

services/smtp/smtpEmailService.go

@@ -0,0 +1,147 @@
+package smtp
+
+import (
+	"bytes"
+	"context"
+	"fmt"
+	"github.com/pkg/errors"
+	authV2 "github.com/unicsmcr/hs_auth/authorization/v2"
+	"github.com/unicsmcr/hs_auth/authorization/v2/common"
+	"github.com/unicsmcr/hs_auth/config"
+	"github.com/unicsmcr/hs_auth/entities"
+	"github.com/unicsmcr/hs_auth/environment"
+	"github.com/unicsmcr/hs_auth/services"
+	"github.com/unicsmcr/hs_auth/utils"
+	"html/template"
+	"net/smtp"
+)
+
+var (
+	passwordResetEmailTemplatePath = "templates/emails/passwordReset_email.gohtml"
+	emailVerifyEmailTemplatePath   = "templates/emails/emailVerify_email.gohtml"
+	htmlEmailTemplateStr           = `From: %s <%s>
+To: %s <%s>
+Subject: %s
+Mime-Version: 1.0;
+Content-Type: text/html; charset="UTF-8";
+Content-Transfer-Encoding: 8bit;
+
+%s
+`
+)
+
+type emailBodyTemplateDataModel struct {
+	EventName  string
+	Link       string
+	SenderName string
+}
+
+type smtpEmailService struct {
+	cfg          *config.AppConfig
+	env          *environment.Env
+	client       utils.SMTPClient
+	userService  services.UserService
+	authorizer   authV2.Authorizer
+	timeProvider utils.TimeProvider
+
+	smtpAuth                       smtp.Auth
+	passwordResetEmailBodyTemplate *template.Template
+	emailVerifyEmailBodyTemplate   *template.Template
+}
+
+func NewSMPTEmailService(cfg *config.AppConfig, env *environment.Env, client utils.SMTPClient,
+	userService services.UserService, authorizer authV2.Authorizer,
+	timeProvider utils.TimeProvider) (services.EmailServiceV2, error) {
+	passwordResetEmailTemplate, err := utils.LoadTemplate("password reset", passwordResetEmailTemplatePath)
+	if err != nil {
+		return nil, errors.Wrap(err, "could not load password reset template")
+	}
+
+	emailVerifyEmailTemplate, err := utils.LoadTemplate("email verify", emailVerifyEmailTemplatePath)
+	if err != nil {
+		return nil, errors.Wrap(err, "could not load email verify template")
+	}
+
+	return &smtpEmailService{
+		cfg:                            cfg,
+		env:                            env,
+		client:                         client,
+		userService:                    userService,
+		passwordResetEmailBodyTemplate: passwordResetEmailTemplate,
+		emailVerifyEmailBodyTemplate:   emailVerifyEmailTemplate,
+		authorizer:                     authorizer,
+		timeProvider:                   timeProvider,
+		smtpAuth: smtp.PlainAuth("", env.Get(environment.SMTPUsername),
+			env.Get(environment.SMTPPassword), env.Get(environment.SMTPHost)),
+	}, nil
+}
+
+func (s *smtpEmailService) SendEmail(subject, htmlBody, plainTextBody, senderName, senderEmail, recipientName, recipientEmail string) error {
+	message := fmt.Sprintf(htmlEmailTemplateStr, senderName, senderEmail, recipientName, recipientEmail, subject, htmlBody)
+
+	err := s.client.SendEmail(fmt.Sprintf("%s:%s", s.env.Get(environment.SMTPHost), s.env.Get(environment.SMTPPort)),
+		s.smtpAuth, senderEmail, []string{recipientEmail}, []byte(message))
+	if err != nil {
+		return errors.Wrap(err, "could not send email")
+	}
+
+	return nil
+}
+func (s *smtpEmailService) SendEmailVerificationEmail(ctx context.Context, user entities.User, emailVerificationResources common.UniformResourceIdentifiers) error {
+	// TODO: the emails should use tokens of type "email" (https://github.com/unicsmcr/hs_auth/issues/121)
+	emailToken, err := s.authorizer.CreateServiceToken(ctx, user.ID,
+		emailVerificationResources, s.timeProvider.Now().Unix()+s.cfg.Email.TokenLifetime)
+	if err != nil {
+		return errors.Wrap(err, "could not create auth token for email")
+	}
+
+	verificationURL := fmt.Sprintf("http://%s/verifyemail?token=%s&userId=%s", s.cfg.AppURL, emailToken, user.ID.Hex())
+
+	var contentBuff bytes.Buffer
+	err = s.emailVerifyEmailBodyTemplate.Execute(&contentBuff, emailBodyTemplateDataModel{
+		EventName:  s.cfg.Name,
+		Link:       verificationURL,
+		SenderName: s.cfg.Email.NoreplyEmailName,
+	})
+	if err != nil {
+		return errors.Wrap(err, "could not construct email")
+	}
+
+	return s.SendEmail(
+		s.cfg.Email.EmailVerificationEmailSubj,
+		contentBuff.String(),
+		"",
+		s.cfg.Email.NoreplyEmailName,
+		s.cfg.Email.NoreplyEmailAddr,
+		user.Name,
+		user.Email)
+}
+
+func (s *smtpEmailService) SendPasswordResetEmail(ctx context.Context, user entities.User, passwordResetResources common.UniformResourceIdentifiers) error {
+	// TODO: the emails should use tokens of type "email" (https://github.com/unicsmcr/hs_auth/issues/1210
+	emailToken, err := s.authorizer.CreateServiceToken(ctx, user.ID,
+		passwordResetResources, s.timeProvider.Now().Unix()+s.cfg.Email.TokenLifetime)
+	if err != nil {
+		return errors.Wrap(err, "could not create auth token for email")
+	}
+
+	resetURL := fmt.Sprintf("http://%s/resetpwd?token=%s&userId=%s", s.cfg.AppURL, emailToken, user.ID.Hex())
+
+	var contentBuff bytes.Buffer
+	err = s.passwordResetEmailBodyTemplate.Execute(&contentBuff, emailBodyTemplateDataModel{
+		Link:       resetURL,
+		SenderName: s.cfg.Email.NoreplyEmailName,
+	})
+	if err != nil {
+		return errors.Wrap(err, "could not construct email")
+	}
+
+	return s.SendEmail(
+		s.cfg.Email.PasswordResetEmailSubj,
+		contentBuff.String(),
+		"",
+		s.cfg.Email.NoreplyEmailName,
+		s.cfg.Email.NoreplyEmailAddr,
+		user.Name,
+		user.Email)
+}