Merge pull request #1004 from dbauszus-glx:process-env-alias

Use origin request param instead of process.env.ALIAS

mod/user/_user.js

@@ -1,6 +1,13 @@
+const view = require('../view')
+
 const methods = {
   admin: {
-    handler: require('./admin'),
+    handler: (req,res) => {
+      req.params.template = 'user_admin_view'
+      req.params.language = req.params.user.language
+      req.params.user = req.params.user.email
+      view(req, res)
+    },
     admin: true
   },
   register: {
@@ -56,13 +63,13 @@ module.exports = (req, res) => {
   if (!req.params.user && (method.login || method.admin)) {
 
     req.params.msg = 'login_required'
-    return 
+    return methods.login.handler(req,res)
   }
 
   if (req.params.user && (!req.params.user.admin && method.admin)) {
 
     req.params.msg = 'admin_required'
-    return 
+    return methods.login.handler(req,res)
   }
 
   method.handler(req, res)

mod/user/delete.js

@@ -21,8 +21,9 @@ module.exports = async (req, res) => {
     template: 'deleted_account',
     language: user.language,
     to: user.email,
-    host: `${req.headers.host.includes('localhost') && req.headers.host || process.env.ALIAS || req.headers.host}${process.env.DIR}`,
-    protocol: `${req.headers.host.includes('localhost') && 'http' || 'https'}://`
+    host: `${req.headers.origin 
+      || req.headers.referer && new URL(req.headers.referer).origin 
+      || 'https://' + (process.env.ALIAS || req.headers.host)}${process.env.DIR}`
   })
 
   res.send('User account deleted.')

mod/user/login.js

@@ -102,9 +102,10 @@ async function post(req, res) {
 
   const date = new Date()
 
-  // Get the protocol and host for account verification email.
-  const protocol = `${req.headers.host.includes('localhost') && 'http' || 'https'}://`
-  const host = `${req.headers.host.includes('localhost') && req.headers.host || process.env.ALIAS || req.headers.host}${process.env.DIR}`
+  // Get the host for the account verification email.
+  const host = `${req.headers.origin 
+    || req.headers.referer && new URL(req.headers.referer).origin 
+    || 'https://' + (process.env.ALIAS || req.headers.host)}${process.env.DIR}`
 
   // Update access_log and return user record matched by email.
   let rows = await acl(`
@@ -169,7 +170,6 @@ async function post(req, res) {
       language: user.language,
       to: user.email,
       host: host,
-      protocol: protocol,
       remote_address
     })
 
@@ -247,7 +247,6 @@ async function post(req, res) {
       to: user.email,
       host: host,
       failed_attempts: parseInt(process.env.FAILED_ATTEMPTS) || 3,
-      protocol: protocol,
       verificationtoken: verificationtoken,
       remote_address
     })

mod/user/register.js

@@ -94,9 +94,10 @@ async function post(req, res) {
   // Get the date for logs.
   const date = new Date().toISOString().replace(/\..*/,'')
 
-  // Get the protocol and host for account verification email.
-  const protocol = `${req.headers.host.includes('localhost') && 'http' || 'https'}://`
-  const host = `${req.headers.host.includes('localhost') && req.headers.host || process.env.ALIAS || req.headers.host}${process.env.DIR}`
+  // Get the host for account verification email.
+  const host = `${req.headers.origin 
+    || req.headers.referer && new URL(req.headers.referer).origin 
+    || 'https://' + (process.env.ALIAS || req.headers.host)}${process.env.DIR}`
 
   // The password will be reset for exisiting user accounts.
   if (user) {
@@ -129,7 +130,7 @@ async function post(req, res) {
       language: user.language,
       to: user.email,
       host: host,
-      link: `${protocol}${host}/api/user/verify/${verificationtoken}`,
+      link: `${host}/api/user/verify/${verificationtoken}`,
       remote_address
     })
 
@@ -171,7 +172,7 @@ async function post(req, res) {
     language,
     to: req.body.email,
     host: host,
-    link: `${protocol}${host}/api/user/verify/${verificationtoken}`,
+    link: `${host}/api/user/verify/${verificationtoken}`,
     remote_address
   })
 

mod/user/update.js

@@ -34,19 +34,18 @@ module.exports = async (req, res) => {
     return res.status(500).send(error_message)
   }
 
-  const protocol = `${req.headers.host.includes('localhost') && 'http' || 'https'}://`
-
-  const host = `${req.headers.host.includes('localhost') && req.headers.host || process.env.ALIAS || req.headers.host}${process.env.DIR}`
+  const host = `${req.headers.origin 
+    || req.headers.referer && new URL(req.headers.referer).origin 
+    || 'https://' + (process.env.ALIAS || req.headers.host)}${process.env.DIR}`
 
   // Send email to the user account if an account has been approved.
-  if (req.params.field === 'approved' && req.params.value === 'true') {
+  if (req.params.field === 'approved' && req.params.value === true) {
 
     await mailer({
       template: 'approved_account',
       language: req.params.user.language,
       to: email,
-      host: host,
-      protocol: protocol
+      host: host
     })
   }
 

mod/user/verify.js

@@ -97,13 +97,14 @@ module.exports = async (req, res) => {
     // Get array of mail promises.
     const mail_promises = rows.map(async row => {
 
-      await mailer({
+      return await mailer({
         template: 'admin_email',
         language: row.language,
         to: row.email,
         email: user.email,
-        host: `${req.headers.host.includes('localhost') && req.headers.host || process.env.ALIAS || req.headers.host}${process.env.DIR}`,
-        protocol: `${req.headers.host.includes('localhost') && 'http' || 'https'}://`
+        host: `${req.headers.origin 
+          || req.headers.referer && new URL(req.headers.referer).origin 
+          || 'https://' + (process.env.ALIAS || req.headers.host)}${process.env.DIR}`
       })
     })
 

mod/utils/mailer.js

@@ -34,41 +34,42 @@ module.exports = async params => {
 
   const template = await languageTemplates(params)
 
+  await getBody(template)
+
+  const mailTemplate = {
+    to: params.to,
+    from: email,
+    sender: email,
+    subject: replaceStringParams(template.subject, params),
+    html: template.html ? replaceStringParams(template.html, params) : undefined,
+    text: template.text ? replaceStringParams(template.text, params) : undefined
+  }
+
+  const result = await transport.sendMail(mailTemplate).catch(err => console.error(err))
+
+  logger(result, 'mailer')
+}
+
+async function getBody(template){
+
   if (template.text) {
 
     // Prevent mail template from having text and html
     delete template.html
 
-    if (Object.hasOwn(getFrom, template.text?.split(':')[0])) {
+    if (Object.hasOwn(getFrom, template.text.split(':')[0])) {
 
-      template.text =  await getFrom[template.text.split(':')[0]](template.text)
-
-      if (!template.text) return;
+      template.text = await getFrom[template.text.split(':')[0]](template.text)
     }
-
-    template.text = replaceStringParams(template.text, params)
-
-    template.text = template.text.replace(/^(?!\s+$)\s+/gm, '')
   }
 
-  if (Object.hasOwn(getFrom, template.html?.split(':')[0])) {
-
-    template.html = await getFrom[template.html.split(':')[0]](template.html)
+  if (template.html) {
 
-    if (!template.text) return;
+    if (Object.hasOwn(getFrom, template.html.split(':')[0])) {
 
-    template.html = replaceStringParams(template.html, params)
+      template.html =  await getFrom[template.html.split(':')[0]](template.html)
+    }
   }
-
-  template.subject = replaceStringParams(template.subject, params)
-
-  template.to = params.to
-  template.from = email
-  template.sender = email
-
-  const result = await transport.sendMail(template).catch(err => console.error(err))
-
-  logger(result, 'mailer')
 }
 
 function replaceStringParams(string, params) {