fix: Automatically disable email sign-in when SMTP is not configured

fix: Do not show email signin as enabled when SMTP configured closes #3227
2022-03-12 17:01:46 -08:00
parent f44b5708c3
commit e30f6e937c
5 changed files with 19 additions and 4 deletions
--- a/server/models/Team.ts
+++ b/server/models/Team.ts
@@ -20,6 +20,7 @@ import {
 } from "sequelize-typescript";
 import { v4 as uuidv4 } from "uuid";
 import { stripSubdomain, RESERVED_SUBDOMAINS } from "@shared/utils/domains";
+import env from "@server/env";
 import Logger from "@server/logging/logger";
 import { generateAvatarUrl } from "@server/utils/avatars";
 import { publicS3Endpoint, uploadToS3FromUrl } from "@server/utils/s3";
@@ -99,6 +100,18 @@ class Team extends ParanoidModel {

  // getters

+  /**
+   * Returns whether the team has email login enabled. For self-hosted installs
+   * this also considers whether SMTP connection details have been configured.
+   *
+   * @return {boolean} Whether to show email login options
+   */
+  get emailSigninEnabled(): boolean {
+    return (
+      this.guestSignin && (!!env.SMTP_HOST || env.NODE_ENV === "development")
+    );
+  }
+
  get url() {
    if (this.domain) {
      return `https://${this.domain}`;
--- a/server/presenters/team.ts
+++ b/server/presenters/team.ts
@@ -9,7 +9,7 @@ export default function present(team: Team) {
    collaborativeEditing: team.collaborativeEditing,
    defaultCollectionId: team.defaultCollectionId,
    documentEmbeds: team.documentEmbeds,
-    guestSignin: team.guestSignin,
+    guestSignin: team.emailSigninEnabled,
    subdomain: team.subdomain,
    domain: team.domain,
    url: team.url,
--- a/server/routes/api/auth.ts
+++ b/server/routes/api/auth.ts
@@ -17,7 +17,7 @@ function filterProviders(team: Team) {
      // guest sign-in is an exception as it does not have an authentication
      // provider using passport, instead it exists as a boolean option on the team
      if (provider.id === "email") {
-        return team && team.guestSignin;
+        return team?.emailSigninEnabled;
      }

      return (
--- a/server/routes/auth/providers/email.ts
+++ b/server/routes/auth/providers/email.ts
@@ -92,7 +92,7 @@ router.post("email", errorHandling(), async (ctx) => {
      return;
    }

-    if (!team.guestSignin) {
+    if (!team.emailSigninEnabled) {
      throw AuthorizationError();
    }

@@ -138,7 +138,7 @@ router.get("email.callback", async (ctx) => {
    return;
  }

-  if (!user.team.guestSignin) {
+  if (!user.team.emailSigninEnabled) {
    return ctx.redirect("/?notice=auth-error");
  }

--- a/server/test/setup.ts
+++ b/server/test/setup.ts
@@ -1,6 +1,7 @@
 import "../env";

 // test environment variables
+process.env.SMTP_HOST = "smtp.example.com";
 process.env.DATABASE_URL = process.env.DATABASE_URL_TEST;
 process.env.NODE_ENV = "test";
 process.env.GOOGLE_CLIENT_ID = "123";
@@ -19,6 +20,7 @@ jest.mock("../queues");
 jest.mock("aws-sdk", () => {
  const mS3 = {
    createPresignedPost: jest.fn(),
+    putObject: jest.fn().mockReturnThis(),
    deleteObject: jest.fn().mockReturnThis(),
    promise: jest.fn(),
  };