kosmos/akkounts
8
1
Fork 0
Code Issues 22 Pull Requests 1 Actions Packages Releases 12 Activity

Compare commits

base: kosmos:9cc4108191fc6684011ad4916dc56e66829164b2
Branches Tags
kosmos:master kosmos:live kosmos:chore/btcpay_expired_paid-late kosmos:feature/nostr-onboarding-ruby kosmos:feature/nostr-onboarding kosmos:feature/import_deno_modules kosmos:docs/integrations kosmos:feature/ldap_aci kosmos:feature/contribution_nav
kosmos:v0.10.0 kosmos:v0.9.0 kosmos:v0.8.1 kosmos:v0.8.0 kosmos:v0.7.0 kosmos:v0.6.0 kosmos:v0.5.0 kosmos:v0.4.0 kosmos:v0.3.0 kosmos:v0.2.1 kosmos:v0.2.0 kosmos:v0.1.0
...
compare: kosmos:c4024b253420dbfe2d82e22761857320e88c7af6
Branches Tags
kosmos:live kosmos:master kosmos:chore/btcpay_expired_paid-late kosmos:feature/nostr-onboarding-ruby kosmos:feature/nostr-onboarding kosmos:feature/import_deno_modules kosmos:docs/integrations kosmos:feature/ldap_aci kosmos:feature/contribution_nav
kosmos:v0.10.0 kosmos:v0.9.0 kosmos:v0.8.1 kosmos:v0.8.0 kosmos:v0.7.0 kosmos:v0.6.0 kosmos:v0.5.0 kosmos:v0.4.0 kosmos:v0.3.0 kosmos:v0.2.1 kosmos:v0.2.0 kosmos:v0.1.0

2 Commits
9cc4108191 ... c4024b2534

Author SHA1 Message Date
Râu Cao
c4024b2534 WIP Encrypt outgoing emails when possible
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-10-08 11:36:37 +02:00
Râu Cao
3ee76e26ab Re-import user's pubkey on access
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details 
Sometimes, the pubkey might not be imported in the local keychain
(anymore), but at this point in the code it had been successfully
imported at least once before. So we just (re-)import every time for it
to never fail.
 2024-10-08 11:34:18 +02:00
5 changed files with 112 additions and 6 deletions
Expand all files Collapse all files

86
app/mailers/application_mailer.rb
View File

@@ -1,3 +1,89 @@
class ApplicationMailer < ActionMailer::Base
layout 'mailer'
private
def send_mail
@template ||= "#{self.class.name.underscore}/#{caller[0][/`([^']*)'/, 1]}"
headers['Message-ID'] = message_id
if @user.pgp_pubkey.present?
mail(to: @user.email, subject: "...", content_type: pgp_content_type) do |format|
format.text { render plain: pgp_content }
end
else
mail(to: @user.email, subject: @subject) do |format|
format.text { render @template }
end
end
end
def from_address
ENV.fetch('SMTP_FROM_ADDRESS', 'accounts@localhost')
end
def from_domain
Mail::Address.new(from_address).domain
end
def message_id
@message_id ||= "#{SecureRandom.uuid}@#{from_domain}"
end
def boundary
@boundary ||= SecureRandom.hex(8)
end
def pgp_content_type
"multipart/encrypted; protocol=\"application/pgp-encrypted\"; boundary=\"------------#{boundary}\""
end
def pgp_nested_content
message_content = render_to_string(template: @template)
message_content_base64 = Base64.encode64(message_content)
nested_boundary = SecureRandom.hex(8)
<<~NESTED_CONTENT
Content-Type: multipart/mixed; boundary="------------#{nested_boundary}"; protected-headers="v1"
Subject: #{@subject}
From: <#{from_address}>
To: #{@user.display_name || @user.cn} <#{@user.email}>
Message-ID: <#{message_id}>
--------------#{nested_boundary}
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: base64
#{message_content_base64}
--------------#{nested_boundary}--
NESTED_CONTENT
end
def pgp_content
encrypted_content = UserManager::PgpEncrypt.call(user: @user, text: pgp_nested_content)
encrypted_base64 = Base64.encode64(encrypted_content.to_s)
<<~EMAIL_CONTENT
This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)
--------------#{boundary}
Content-Type: application/pgp-encrypted
Content-Description: PGP/MIME version identification
Version: 1
--------------#{boundary}
Content-Type: application/octet-stream; name="encrypted.asc"
Content-Description: OpenPGP encrypted message
Content-Disposition: inline; filename="encrypted.asc"
-----BEGIN PGP MESSAGE-----
#{encrypted_base64}
-----END PGP MESSAGE-----
--------------#{boundary}--
EMAIL_CONTENT
end
end

2
app/mailers/custom_mailer.rb
View File

@@ -18,6 +18,6 @@ class CustomMailer < ApplicationMailer
@user = params[:user]
@subject = params[:subject]
@body = params[:body]
mail(to: @user.email, subject: @subject)
send_mail
end
end

8
app/mailers/notification_mailer.rb
View File

@@ -3,7 +3,7 @@ class NotificationMailer < ApplicationMailer
@user = params[:user]
@amount_sats = params[:amount_sats]
@subject = "Sats received"
mail to: @user.email, subject: @subject
send_mail
end
def remotestorage_auth_created
@@ -15,19 +15,19 @@ class NotificationMailer < ApplicationMailer
"#{access} #{directory}"
end
@subject = "New app connected to your storage"
mail to: @user.email, subject: @subject
send_mail
end
def new_invitations_available
@user = params[:user]
@subject = "New invitations added to your account"
mail to: @user.email, subject: @subject
send_mail
end
def bitcoin_donation_confirmed
@user = params[:user]
@donation = params[:donation]
@subject = "Donation confirmed"
mail to: @user.email, subject: @subject
send_mail
end
end

3
app/models/user.rb
View File

@@ -174,7 +174,8 @@ class User < ApplicationRecord
def gnupg_key
return nil unless pgp_pubkey.present?
@gnupg_key ||= GPGME::Key.get(pgp_fpr)
GPGME::Key.import(pgp_pubkey)
GPGME::Key.get(pgp_fpr)
end
def pgp_pubkey_contains_user_address?

19
app/services/user_manager/pgp_encrypt.rb Normal file
View File

@@ -0,0 +1,19 @@
require 'gpgme'
module UserManager
class PgpEncrypt < UserManagerService
def initialize(user:, text:)
@user = user
@text = text
end
def call
crypto = GPGME::Crypto.new
crypto.encrypt(
@text,
recipients: @user.gnupg_key,
always_trust: true
)
end
end
end