Nurfog/openccb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
567fa6642859cb1b146bfac6ef0975382a7d73a2
openccb/services/lms-service/src/handlers_email.rs
T

407 lines
14 KiB
Rust
Raw Blame History

use axum::{Json, extract::State, http::StatusCode};
use bcrypt::hash;
use lettre::message::Mailbox;
use lettre::transport::smtp::authentication::Credentials;
use lettre::{AsyncSmtpTransport, AsyncTransport, Message, Tokio1Executor};
use rand::distributions::Alphanumeric;
use rand::{Rng, thread_rng};
use serde::{Deserialize, Serialize};
use sqlx::PgPool;
use std::env;
use uuid::Uuid;
// ─── Helpers SMTP compartidos ─────────────────────────────────────────────────
#[derive(Debug, Clone)]
pub struct SmtpConfig {
pub enabled: bool,
pub host: String,
pub from: String,
pub port: u16,
pub starttls: bool,
pub username: Option<String>,
pub password: Option<String>,
}
#[derive(Debug, Clone, sqlx::FromRow)]
struct OrgEmailServiceRow {
service_type: String,
smtp_enabled: bool,
smtp_host: Option<String>,
smtp_port: i32,
smtp_from: Option<String>,
smtp_username: Option<String>,
smtp_password: Option<String>,
smtp_starttls: bool,
}
pub async fn load_smtp_config(pool: &PgPool, organization_id: Uuid) -> Option<SmtpConfig> {
// Intentar cargar config desde la BD
let row = sqlx::query_as::<_, OrgEmailServiceRow>(
r#"
SELECT service_type, smtp_enabled, smtp_host, smtp_port, smtp_from,
smtp_username, smtp_password, smtp_starttls
FROM organization_email_services
WHERE organization_id = $1
ORDER BY is_default DESC, created_at ASC
LIMIT 1
"#,
)
.bind(organization_id)
.fetch_optional(pool)
.await
.ok()
.flatten();
if let Some(row) = row {
if row.service_type.trim().to_lowercase() == "smtp" {
let host = row.smtp_host.unwrap_or_default().trim().to_string();
if !host.is_empty() {
return Some(SmtpConfig {
enabled: row.smtp_enabled,
host,
from: row.smtp_from.unwrap_or_else(|| "OpenCCB <no-reply@openccb.local>".to_string()),
port: u16::try_from(row.smtp_port).unwrap_or(587),
starttls: row.smtp_starttls,
username: row.smtp_username.filter(|v| !v.trim().is_empty()),
password: row.smtp_password.filter(|v| !v.trim().is_empty()),
});
}
}
}
// Fallback a variables de entorno
let host = env::var("SMTP_HOST").ok().filter(|v| !v.trim().is_empty())?;
let enabled = env::var("SMTP_ENABLED")
.map(|v| matches!(v.trim().to_lowercase().as_str(), "1" | "true" | "yes"))
.unwrap_or(false);
let from = env::var("SMTP_FROM")
.unwrap_or_else(|_| "OpenCCB <no-reply@openccb.local>".to_string());
let port = env::var("SMTP_PORT")
.ok()
.and_then(|v| v.parse::<u16>().ok())
.unwrap_or(587);
let starttls = env::var("SMTP_STARTTLS")
.map(|v| matches!(v.trim().to_lowercase().as_str(), "1" | "true" | "yes"))
.unwrap_or(false);
Some(SmtpConfig {
enabled,
host,
from,
port,
starttls,
username: env::var("SMTP_USERNAME").ok().filter(|v| !v.trim().is_empty()),
password: env::var("SMTP_PASSWORD").ok().filter(|v| !v.trim().is_empty()),
})
}
pub fn build_mailer(config: &SmtpConfig) -> Result<AsyncSmtpTransport<Tokio1Executor>, String> {
let mut builder = if config.starttls {
AsyncSmtpTransport::<Tokio1Executor>::relay(&config.host)
.map_err(|e| format!("SMTP relay error: {}", e))?
.port(config.port)
} else {
AsyncSmtpTransport::<Tokio1Executor>::builder_dangerous(&config.host).port(config.port)
};
if let (Some(user), Some(pass)) = (&config.username, &config.password) {
builder = builder.credentials(Credentials::new(user.trim().to_string(), pass.trim().to_string()));
}
Ok(builder.build())
}
pub async fn send_email(
config: &SmtpConfig,
to_email: &str,
to_name: &str,
subject: &str,
body_html: &str,
) -> Result<(), String> {
if !config.enabled {
tracing::debug!("SMTP deshabilitado — email no enviado a {}", to_email);
return Ok(());
}
let from: Mailbox = config
.from
.parse()
.map_err(|e| format!("From inválido: {}", e))?;
let to_str = if to_name.is_empty() {
to_email.to_string()
} else {
format!("{} <{}>", to_name, to_email)
};
let to: Mailbox = to_str.parse().map_err(|e| format!("To inválido: {}", e))?;
let email = Message::builder()
.from(from)
.to(to)
.subject(subject)
.header(lettre::message::header::ContentType::TEXT_HTML)
.body(body_html.to_string())
.map_err(|e| format!("Error construyendo email: {}", e))?;
let mailer = build_mailer(config)?;
mailer.send(email).await.map_err(|e| format!("Error enviando email: {}", e))?;
Ok(())
}
// ─── Password Reset ────────────────────────────────────────────────────────────
#[derive(Deserialize)]
pub struct ForgotPasswordPayload {
pub email: String,
}
#[derive(Deserialize)]
pub struct ResetPasswordPayload {
pub token: String,
pub new_password: String,
}
#[derive(Serialize)]
pub struct MessageResponse {
pub message: String,
}
#[derive(sqlx::FromRow)]
struct UserForReset {
id: Uuid,
email: String,
full_name: Option<String>,
organization_id: Uuid,
}
pub async fn forgot_password(
State(pool): State<PgPool>,
Json(payload): Json<ForgotPasswordPayload>,
) -> Result<Json<MessageResponse>, (StatusCode, String)> {
let email = payload.email.trim().to_lowercase();
// Buscar usuario (respuesta genérica para no revelar si existe)
let user = sqlx::query_as::<_, UserForReset>(
"SELECT id, email, full_name, organization_id FROM users WHERE LOWER(email) = $1",
)
.bind(&email)
.fetch_optional(&pool)
.await
.map_err(|e| (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()))?;
let Some(user) = user else {
// Respuesta genérica — no revelar si el email existe
return Ok(Json(MessageResponse {
message: "Si el correo existe, recibirás un enlace para restablecer tu contraseña."
.to_string(),
}));
};
// Generar token seguro de 48 caracteres
let token: String = thread_rng()
.sample_iter(&Alphanumeric)
.take(48)
.map(char::from)
.collect();
// Invalidar tokens anteriores del mismo usuario
sqlx::query("UPDATE password_reset_tokens SET used_at = NOW() WHERE user_id = $1 AND used_at IS NULL")
.bind(user.id)
.execute(&pool)
.await
.map_err(|e| (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()))?;
// Insertar nuevo token (expira en 1 hora)
sqlx::query(
"INSERT INTO password_reset_tokens (user_id, token, expires_at) VALUES ($1, $2, NOW() + INTERVAL '1 hour')",
)
.bind(user.id)
.bind(&token)
.execute(&pool)
.await
.map_err(|e| (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()))?;
// Intentar enviar email (fire-and-forget en caso de error SMTP)
let base_url = env::var("EXPERIENCE_URL").unwrap_or_else(|_| "https://openccb.local".to_string());
let reset_url = format!("{}/reset-password?token={}", base_url, token);
let full_name = user.full_name.as_deref().unwrap_or("Estudiante");
let body = format!(
r#"<!DOCTYPE html>
<html>
<head><meta charset="utf-8"></head>
<body style="font-family:Arial,sans-serif;max-width:600px;margin:0 auto;padding:20px">
<h2>Restablecer contraseña</h2>
<p>Hola {full_name},</p>
<p>Recibimos una solicitud para restablecer la contraseña de tu cuenta.</p>
<p style="text-align:center;margin:30px 0">
<a href="{reset_url}"
style="background:#4f46e5;color:#fff;padding:12px 24px;text-decoration:none;border-radius:6px;display:inline-block">
Restablecer contraseña
</a>
</p>
<p>Este enlace expira en <strong>1 hora</strong>.</p>
<p>Si no solicitaste esto, ignora este mensaje.</p>
<hr style="border:none;border-top:1px solid #eee;margin:30px 0">
<p style="color:#888;font-size:12px">OpenCCB — Plataforma de Aprendizaje</p>
</body>
</html>"#,
full_name = full_name,
reset_url = reset_url
);
if let Some(smtp) = load_smtp_config(&pool, user.organization_id).await {
if let Err(e) = send_email(&smtp, &user.email, full_name, "Restablecer contraseña", &body).await {
tracing::warn!("No se pudo enviar email de reset a {}: {}", user.email, e);
}
}
Ok(Json(MessageResponse {
message: "Si el correo existe, recibirás un enlace para restablecer tu contraseña.".to_string(),
}))
}
pub async fn reset_password(
State(pool): State<PgPool>,
Json(payload): Json<ResetPasswordPayload>,
) -> Result<Json<MessageResponse>, (StatusCode, String)> {
let token = payload.token.trim().to_string();
if token.is_empty() || payload.new_password.len() < 8 {
return Err((
StatusCode::BAD_REQUEST,
"Token o contraseña inválidos (mínimo 8 caracteres)".to_string(),
));
}
// Buscar token válido
let row = sqlx::query_as::<_, (Uuid,)>(
r#"SELECT user_id FROM password_reset_tokens
WHERE token = $1 AND used_at IS NULL AND expires_at > NOW()"#,
)
.bind(&token)
.fetch_optional(&pool)
.await
.map_err(|e| (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()))?;
let Some((user_id,)) = row else {
return Err((
StatusCode::BAD_REQUEST,
"Token inválido o expirado".to_string(),
));
};
// Hashear nueva contraseña
let password_hash = hash(&payload.new_password, 13).map_err(|_| {
(StatusCode::INTERNAL_SERVER_ERROR, "Error al procesar contraseña".to_string())
})?;
// Actualizar contraseña
sqlx::query("UPDATE users SET password_hash = $1, updated_at = NOW() WHERE id = $2")
.bind(&password_hash)
.bind(user_id)
.execute(&pool)
.await
.map_err(|e| (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()))?;
// Marcar token como usado
sqlx::query("UPDATE password_reset_tokens SET used_at = NOW() WHERE token = $1")
.bind(&token)
.execute(&pool)
.await
.map_err(|e| (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()))?;
Ok(Json(MessageResponse {
message: "Contraseña actualizada correctamente. Ya puedes iniciar sesión.".to_string(),
}))
}
// ─── Emails transaccionales ────────────────────────────────────────────────────
/// Envía email de bienvenida al inscribirse en un curso.
/// Fire-and-forget (los errores se loguean, no bloquean la respuesta).
pub async fn send_enrollment_email(
pool: &PgPool,
organization_id: Uuid,
user_email: &str,
user_name: &str,
course_title: &str,
) {
let Some(smtp) = load_smtp_config(pool, organization_id).await else {
return;
};
let base_url = env::var("EXPERIENCE_URL").unwrap_or_else(|_| "https://openccb.local".to_string());
let body = format!(
r#"<!DOCTYPE html>
<html>
<head><meta charset="utf-8"></head>
<body style="font-family:Arial,sans-serif;max-width:600px;margin:0 auto;padding:20px">
<h2>¡Te has inscrito exitosamente!</h2>
<p>Hola {user_name},</p>
<p>Tu inscripción en <strong>{course_title}</strong> ha sido confirmada.</p>
<p style="text-align:center;margin:30px 0">
<a href="{base_url}/courses"
style="background:#4f46e5;color:#fff;padding:12px 24px;text-decoration:none;border-radius:6px;display:inline-block">
Ir a mis cursos
</a>
</p>
<p>¡Mucho éxito en tu aprendizaje!</p>
<hr style="border:none;border-top:1px solid #eee;margin:30px 0">
<p style="color:#888;font-size:12px">OpenCCB — Plataforma de Aprendizaje</p>
</body>
</html>"#,
user_name = user_name,
course_title = course_title,
base_url = base_url
);
if let Err(e) = send_email(&smtp, user_email, user_name, &format!("Inscripción confirmada: {}", course_title), &body).await {
tracing::warn!("Email de inscripción no enviado a {}: {}", user_email, e);
}
}
/// Envía email de felicitación al completar un curso.
pub async fn send_completion_email(
pool: &PgPool,
organization_id: Uuid,
user_email: &str,
user_name: &str,
course_title: &str,
) {
let Some(smtp) = load_smtp_config(pool, organization_id).await else {
return;
};
let base_url = env::var("EXPERIENCE_URL").unwrap_or_else(|_| "https://openccb.local".to_string());
let body = format!(
r#"<!DOCTYPE html>
<html>
<head><meta charset="utf-8"></head>
<body style="font-family:Arial,sans-serif;max-width:600px;margin:0 auto;padding:20px">
<h2>🎉 ¡Felicitaciones, completaste el curso!</h2>
<p>Hola {user_name},</p>
<p>Has completado exitosamente <strong>{course_title}</strong>.</p>
<p>Puedes descargar tu certificado desde la plataforma.</p>
<p style="text-align:center;margin:30px 0">
<a href="{base_url}/courses"
style="background:#16a34a;color:#fff;padding:12px 24px;text-decoration:none;border-radius:6px;display:inline-block">
Ver mis certificados
</a>
</p>
<p>Sigue aprendiendo — ¡el conocimiento no tiene límites!</p>
<hr style="border:none;border-top:1px solid #eee;margin:30px 0">
<p style="color:#888;font-size:12px">OpenCCB — Plataforma de Aprendizaje</p>
</body>
</html>"#,
user_name = user_name,
course_title = course_title,
base_url = base_url
);
if let Err(e) = send_email(&smtp, user_email, user_name, &format!("¡Completaste: {}!", course_title), &body).await {
tracing::warn!("Email de completitud no enviado a {}: {}", user_email, e);
}
}
Reference in New Issue View Git Blame Copy Permalink