Mercurial > prosody-modules

view mod_email/mod_email.lua @ 5682:527c747711f3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Limit revocation to clients own tokens in strict mode RFC 7009 section 2.1 states: > The authorization server first validates the client credentials (in > case of a confidential client) and then verifies whether the token was > issued to the client making the revocation request. If this > validation fails, the request is refused and the client is informed of > the error by the authorization server as described below. The first part was already covered (in strict mode). This adds the later part using the hash of client_id recorded in 0860497152af It still seems weird to me that revoking a leaked token should not be allowed whoever might have discovered it, as that seems the responsible thing to do.
author Kim Alvefur <zash@zash.se>
date Sun, 29 Oct 2023 11:30:49 +0100
parents 070faeaf51bc
children
line wrap: on
line source

module:set_global();

local moduleapi = require "core.moduleapi";

local smtp = require"socket.smtp";

local config = module:get_option("smtp", { origin = "prosody", exec = "sendmail" });

local function send_email(to, headers, content)
	if type(headers) == "string" then -- subject
		headers = {
			Subject = headers;
			From = config.origin;
		};
	end
	headers.To = to;
	if not headers["Content-Type"] then
		headers["Content-Type"] = 'text/plain; charset="utf-8"';
	end
	local message = smtp.message{
		headers = headers;
		body = content;
	};

	if config.exec then
		local pipe = io.popen(config.exec ..
			" '"..to:gsub("'", "'\\''").."'", "w");

		for str in message do
			pipe:write(str);
		end

		return pipe:close();
	end

	return smtp.send({
		user = config.user; password = config.password;
		server = config.server; port = config.port;
		domain = config.domain;

		from = config.origin; rcpt = to;
		source = message;
	});
end

assert(not moduleapi.send_email, "another email module is already loaded");
function moduleapi:send_email(email) --luacheck: ignore 212/self
	return send_email(email.to, email.headers or email.subject, email.body);
end