365DevNet/365devnet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enhance SMTP configuration in docker-compose and email handler

Browse Source 
- Updated docker-compose.yml to include optional SMTP settings with comments for clarity on configuration.
- Modified email-handler.ts to prioritize FROM_EMAIL for the sender address, falling back to SMTP_USER or ADMIN_EMAIL if not set, improving email handling flexibility.
This commit is contained in:
Richard Bergsma
2025-11-18 22:44:58 +01:00
parent 6cd45c254b
commit 6fa07b4b63
4 changed files with 20 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.cursor/worktrees.json Normal file
View File

@@ -0,0 +1,5 @@
{
"setup-worktree": [
"npm install"
]
}

15
docker-compose.yml
View File

@@ -14,12 +14,19 @@ services:
- NODE_ENV=production - NODE_ENV=production
- PORT=3000 - PORT=3000
- ENABLE_SSR_CSP=1 - ENABLE_SSR_CSP=1
# Add your other environment variables here # SMTP Settings - Loaded from .env file or set here
# Uncomment and set these if not using .env file:
# - SMTP_HOST=smtp.your-server.com
# - SMTP_PORT=587
# - SMTP_USER=your-email@domain.com
# - SMTP_PASS=your-password
# - FROM_EMAIL=support@365devnet.eu # Optional: Custom "from" address
# - ADMIN_EMAIL=admin@365devnet.eu
# - WEBSITE_NAME=365DevNet
# Other settings
# - GEMINI_API_KEY=${GEMINI_API_KEY} # - GEMINI_API_KEY=${GEMINI_API_KEY}
# - EMAIL_USER=${EMAIL_USER}
# - EMAIL_PASS=${EMAIL_PASS}
env_file: env_file:
- .env - .env # SMTP settings will be loaded from this file
volumes: volumes:
# Mount logs directory if you want to persist logs # Mount logs directory if you want to persist logs
- ./logs:/app/logs - ./logs:/app/logs

2
server.js
View File

@@ -25,7 +25,7 @@ app.use((req, res, next) => {
if (process.env.ENABLE_SSR_CSP === '1') { if (process.env.ENABLE_SSR_CSP === '1') {
res.setHeader( res.setHeader(
'Content-Security-Policy', 'Content-Security-Policy',
"default-src 'self' https://365devnet.eu https://*.365devnet.eu; " + "default-src 'self' https://365devnet.eu https://*.365devnet.eu https://chat.365devnet.eu; " +
"script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval' https://chat.365devnet.eu; " + "script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval' https://chat.365devnet.eu; " +
"style-src 'self' 'unsafe-inline'; " + "style-src 'self' 'unsafe-inline'; " +
"img-src 'self' data: https: blob:; " + "img-src 'self' data: https: blob:; " +

4
src/utils/email-handler.ts
View File

@@ -12,6 +12,7 @@ const {
SMTP_USER = '', SMTP_USER = '',
SMTP_PASS = '', SMTP_PASS = '',
ADMIN_EMAIL = '', ADMIN_EMAIL = '',
FROM_EMAIL = '', // Optional: Custom "from" address (defaults to SMTP_USER or ADMIN_EMAIL)
WEBSITE_NAME = '365DevNet Support', WEBSITE_NAME = '365DevNet Support',
// Microsoft 365 / OAuth2 (optional) // Microsoft 365 / OAuth2 (optional)
OAUTH2_CLIENT_ID = '', OAUTH2_CLIENT_ID = '',
@@ -229,7 +230,8 @@ export async function sendEmail(to: string, subject: string, html: string, text:
try { try {
// Never trust user-provided domain for From header to prevent spoofing. // Never trust user-provided domain for From header to prevent spoofing.
const safeSender = SMTP_USER || ADMIN_EMAIL; // Use FROM_EMAIL if set, otherwise fall back to SMTP_USER or ADMIN_EMAIL
const safeSender = FROM_EMAIL || SMTP_USER || ADMIN_EMAIL;
const fromAddress = isProduction const fromAddress = isProduction
? `"${WEBSITE_NAME}" <${safeSender}>` ? `"${WEBSITE_NAME}" <${safeSender}>`
: `"${WEBSITE_NAME}" <${ADMIN_EMAIL}>`; : `"${WEBSITE_NAME}" <${ADMIN_EMAIL}>`;