Merge pull request #2168 from Infisical/misc/added-email-self-host-co…

…nditionals

misc: added checks for formatting email templates for self-hosted or cloud

backend/src/services/smtp/smtp-service.ts

@@ -5,14 +5,15 @@ import handlebars from "handlebars";
 import { createTransport } from "nodemailer";
 import SMTPTransport from "nodemailer/lib/smtp-transport";
 
+import { getConfig } from "@app/lib/config/env";
 import { logger } from "@app/lib/logger";
 
 export type TSmtpConfig = SMTPTransport.Options;
 export type TSmtpSendMail = {
  template: SmtpTemplates;
  subjectLine: string;
  recipients: string[];
- substitutions: unknown;
+ substitutions: object;
 };
 export type TSmtpService = ReturnType<typeof smtpServiceFactory>;
 
@@ -47,9 +48,11 @@ export const smtpServiceFactory = (cfg: TSmtpConfig) => {
  const isSmtpOn = Boolean(cfg.host);
 
  const sendMail = async ({ substitutions, recipients, template, subjectLine }: TSmtpSendMail) => {
+ const appCfg = getConfig();
  const html = await fs.readFile(path.resolve(__dirname, "./templates/", template), "utf8");
  const temp = handlebars.compile(html);
- const htmlToSend = temp(substitutions);
+ const htmlToSend = temp({ isCloud: appCfg.isCloud, siteUrl: appCfg.SITE_URL, ...substitutions });
+
  if (isSmtpOn) {
  await smtp.sendMail({
  from: cfg.from,

backend/src/services/smtp/templates/emailMfa.handlebars

@@ -1,19 +1,19 @@
 <!DOCTYPE html>
 <html>
 
-<head>
- <meta charset="utf-8">
- <meta http-equiv="x-ua-compatible" content="ie=edge">
+ <head>
+ <meta charset="utf-8" />
+ <meta http-equiv="x-ua-compatible" content="ie=edge" />
  <title>MFA Code</title>
-</head>
+ </head>
 
-<body>
+ <body>
  <h2>Infisical</h2>
  <h2>Sign in attempt requires further verification</h2>
  <p>Your MFA code is below — enter it where you started signing in to Infisical.</p>
  <h2>{{code}}</h2>
  <p>The MFA code will be valid for 2 minutes.</p>
- <p>Not you? Contact Infisical or your administrator immediately.</p>
-</body>
+ <p>Not you? Contact {{#if isCloud}}Infisical{{else}}your administrator{{/if}} immediately.</p>
+ </body>
 
 </html>

backend/src/services/smtp/templates/historicalSecretLeakIncident.handlebars

@@ -9,12 +9,12 @@
 
 <body>
  <h3>Infisical has uncovered {{numberOfSecrets}} secret(s) from historical commits to your repo</h3>
- <p><a href="https://app.infisical.com/secret-scanning"><strong>View leaked secrets</strong></a></p>
+ <p><a href="{{siteUrl}}/secret-scanning"><strong>View leaked secrets</strong></a></p>
 
  <p>If these are production secrets, please rotate them immediately.</p>
 
  <p>Once you have taken action, be sure to update the status of the risk in your <a
- href="https://app.infisical.com/">Infisical
+ href="{{siteUrl}}">Infisical
  dashboard</a>.</p>
 </body>
 

backend/src/services/smtp/templates/newDevice.handlebars

@@ -1,19 +1,19 @@
 <!DOCTYPE html>
 <html>
 
-<head>
- <meta charset="utf-8">
- <meta http-equiv="x-ua-compatible" content="ie=edge">
+ <head>
+ <meta charset="utf-8" />
+ <meta http-equiv="x-ua-compatible" content="ie=edge" />
  <title>Successful login for {{email}} from new device</title>
-</head>
+ </head>
 
-<body>
+ <body>
  <h2>Infisical</h2>
  <p>We're verifying a recent login for {{email}}:</p>
  <p><strong>Timestamp</strong>: {{timestamp}}</p>
  <p><strong>IP address</strong>: {{ip}}</p>
  <p><strong>User agent</strong>: {{userAgent}}</p>
- <p>If you believe that this login is suspicious, please contact Infisical or reset your password immediately.</p>
-</body>
+ <p>If you believe that this login is suspicious, please contact {{#if isCloud}}Infisical{{else}}your administrator{{/if}} or reset your password immediately.</p>
+ </body>
 
 </html>

backend/src/services/smtp/templates/passwordReset.handlebars

@@ -9,6 +9,6 @@
  <h2>Reset your password</h2>
  <p>Someone requested a password reset.</p>
  <a href="{{callback_url}}?token={{token}}&to={{email}}">Reset password</a>
- <p>If you didn't initiate this request, please contact us immediately at team@infisical.com</p>
+ <p>If you didn't initiate this request, please contact {{#if isCloud}}us immediately at team@infisical.com.{{else}}your administrator immediately.{{/if}}</p>
 </body>
 </html>

backend/src/services/smtp/templates/secretLeakIncident.handlebars

@@ -9,7 +9,7 @@
 
 <body>
  <h3>Infisical has uncovered {{numberOfSecrets}} secret(s) from your recent push</h3>
- <p><a href="https://app.infisical.com/secret-scanning"><strong>View leaked secrets</strong></a></p>
+ <p><a href="{{siteUrl}}/secret-scanning"><strong>View leaked secrets</strong></a></p>
  <p>You are receiving this notification because one or more secret leaks have been detected in a recent commit pushed
  by {{pusher_name}} ({{pusher_email}}). If
  these are test secrets, please add `infisical-scan:ignore` at the end of the line containing the secret as comment
@@ -18,7 +18,7 @@
  <p>If these are production secrets, please rotate them immediately.</p>
 
  <p>Once you have taken action, be sure to update the status of the risk in your <a
- href="https://app.infisical.com/">Infisical
+ href="{{siteUrl}}">Infisical
  dashboard</a>.</p>
 </body>
 

backend/src/services/smtp/templates/signupEmailVerification.handlebars

@@ -11,7 +11,7 @@
  <h2>Confirm your email address</h2>
  <p>Your confirmation code is below — enter it in the browser window where you've started signing up for Infisical.</p>
  <h1>{{code}}</h1>
- <p>Questions about setting up Infisical? Email us at support@infisical.com</p>
+ <p>Questions about setting up Infisical? {{#if isCloud}}Email us at support@infisical.com{{else}}Contact your administrator{{/if}}.</p>
 </body>
 
 </html>