📧 feat: Mailgun API Email Configuration (danny-avila#7742)

danny-avila · MichielMAnalytics · commit 7b61010d7c8e · 2025-06-26T21:33:03.000+02:00
* fix: add undefined password check in local user authentication

* fix: edge case - issue deleting user when no conversations in deleteUserController

* feat: Integrate Mailgun API for email sending functionality

* fix: undefined SESSION_EXPIRY handling and add tests

* fix: update import path for isEnabled utility in azureUtils.js to resolve circular dep.
diff --git a/.env.example b/.env.example
@@ -489,6 +489,18 @@ EMAIL_PASSWORD=
 EMAIL_FROM_NAME=
 EMAIL_FROM=noreply@librechat.ai
 
+#========================#
+#      Mailgun API       #
+#========================#
+
+# MAILGUN_API_KEY=your-mailgun-api-key
+# MAILGUN_DOMAIN=mg.yourdomain.com
+# EMAIL_FROM=noreply@yourdomain.com
+# EMAIL_FROM_NAME="LibreChat"
+
+# # Optional: For EU region
+# MAILGUN_HOST=https://api.eu.mailgun.net
+
 #========================#
 # Firebase CDN           #
 #========================#
diff --git a/api/models/userMethods.js b/api/models/userMethods.js
@@ -12,6 +12,10 @@ const comparePassword = async (user, candidatePassword) => {
     throw new Error('No user provided');
   }
 
+  if (!user.password) {
+    throw new Error('No password, likely an email first registered via Social/OIDC login');
+  }
+
   return new Promise((resolve, reject) => {
     bcrypt.compare(candidatePassword, user.password, (err, isMatch) => {
       if (err) {
diff --git a/api/server/controllers/UserController.js b/api/server/controllers/UserController.js
@@ -163,7 +163,11 @@ const deleteUserController = async (req, res) => {
     await Balance.deleteMany({ user: user._id }); // delete user balances
     await deletePresets(user.id); // delete user presets
     /* TODO: Delete Assistant Threads */
-    await deleteConvos(user.id); // delete user convos
+    try {
+      await deleteConvos(user.id); // delete user convos
+    } catch (error) {
+      logger.error('[deleteUserController] Error deleting user convos, likely no convos', error);
+    }
     await deleteUserPluginAuth(user.id, null, true); // delete user plugin auth
     await deleteUserById(user.id); // delete user
     await deleteAllSharedLinks(user.id); // delete user shared links
diff --git a/api/server/utils/index.js b/api/server/utils/index.js
@@ -13,12 +13,19 @@ const math = require('./math');
  * @returns {Boolean}
  */
 function checkEmailConfig() {
-  return (
+  // Check if Mailgun is configured
+  const hasMailgunConfig =
+    !!process.env.MAILGUN_API_KEY && !!process.env.MAILGUN_DOMAIN && !!process.env.EMAIL_FROM;
+
+  // Check if SMTP is configured
+  const hasSMTPConfig =
     (!!process.env.EMAIL_SERVICE || !!process.env.EMAIL_HOST) &&
     !!process.env.EMAIL_USERNAME &&
     !!process.env.EMAIL_PASSWORD &&
-    !!process.env.EMAIL_FROM
-  );
+    !!process.env.EMAIL_FROM;
+
+  // Return true if either Mailgun or SMTP is properly configured
+  return hasMailgunConfig || hasSMTPConfig;
 }
 
 module.exports = {
diff --git a/api/server/utils/sendEmail.js b/api/server/utils/sendEmail.js
@@ -1,10 +1,69 @@
 const fs = require('fs');
 const path = require('path');
+const axios = require('axios');
+const FormData = require('form-data');
 const nodemailer = require('nodemailer');
 const handlebars = require('handlebars');
 const { isEnabled } = require('~/server/utils/handleText');
+const { logAxiosError } = require('~/utils');
 const logger = require('~/config/winston');
 
+/**
+ * Sends an email using Mailgun API.
+ *
+ * @async
+ * @function sendEmailViaMailgun
+ * @param {Object} params - The parameters for sending the email.
+ * @param {string} params.to - The recipient's email address.
+ * @param {string} params.from - The sender's email address.
+ * @param {string} params.subject - The subject of the email.
+ * @param {string} params.html - The HTML content of the email.
+ * @returns {Promise<Object>} - A promise that resolves to the response from Mailgun API.
+ */
+const sendEmailViaMailgun = async ({ to, from, subject, html }) => {
+  const mailgunApiKey = process.env.MAILGUN_API_KEY;
+  const mailgunDomain = process.env.MAILGUN_DOMAIN;
+  const mailgunHost = process.env.MAILGUN_HOST || 'https://api.mailgun.net';
+
+  if (!mailgunApiKey || !mailgunDomain) {
+    throw new Error('Mailgun API key and domain are required');
+  }
+
+  const formData = new FormData();
+  formData.append('from', from);
+  formData.append('to', to);
+  formData.append('subject', subject);
+  formData.append('html', html);
+
+  try {
+    const response = await axios.post(`${mailgunHost}/v3/${mailgunDomain}/messages`, formData, {
+      headers: {
+        ...formData.getHeaders(),
+        Authorization: `Basic ${Buffer.from(`api:${mailgunApiKey}`).toString('base64')}`,
+      },
+    });
+
+    return response.data;
+  } catch (error) {
+    throw new Error(logAxiosError({ error, message: 'Failed to send email via Mailgun' }));
+  }
+};
+
+/**
+ * Sends an email using SMTP via Nodemailer.
+ *
+ * @async
+ * @function sendEmailViaSMTP
+ * @param {Object} params - The parameters for sending the email.
+ * @param {Object} params.transporterOptions - The transporter configuration options.
+ * @param {Object} params.mailOptions - The email options.
+ * @returns {Promise<Object>} - A promise that resolves to the info object of the sent email.
+ */
+const sendEmailViaSMTP = async ({ transporterOptions, mailOptions }) => {
+  const transporter = nodemailer.createTransport(transporterOptions);
+  return await transporter.sendMail(mailOptions);
+};
+
 /**
  * Sends an email using the specified template, subject, and payload.
  *
@@ -34,6 +93,30 @@ const logger = require('~/config/winston');
  */
 const sendEmail = async ({ email, subject, payload, template, throwError = true }) => {
   try {
+    // Read and compile the email template
+    const source = fs.readFileSync(path.join(__dirname, 'emails', template), 'utf8');
+    const compiledTemplate = handlebars.compile(source);
+    const html = compiledTemplate(payload);
+
+    // Prepare common email data
+    const fromName = process.env.EMAIL_FROM_NAME || process.env.APP_TITLE;
+    const fromEmail = process.env.EMAIL_FROM;
+    const fromAddress = `"${fromName}" <${fromEmail}>`;
+    const toAddress = `"${payload.name}" <${email}>`;
+
+    // Check if Mailgun is configured
+    if (process.env.MAILGUN_API_KEY && process.env.MAILGUN_DOMAIN) {
+      logger.debug('[sendEmail] Using Mailgun provider');
+      return await sendEmailViaMailgun({
+        from: fromAddress,
+        to: toAddress,
+        subject: subject,
+        html: html,
+      });
+    }
+
+    // Default to SMTP
+    logger.debug('[sendEmail] Using SMTP provider');
     const transporterOptions = {
       // Use STARTTLS by default instead of obligatory TLS
       secure: process.env.EMAIL_ENCRYPTION === 'tls',
@@ -62,30 +145,21 @@ const sendEmail = async ({ email, subject, payload, template, throwError = true
       transporterOptions.port = process.env.EMAIL_PORT ?? 25;
     }
 
-    const transporter = nodemailer.createTransport(transporterOptions);
-
-    const source = fs.readFileSync(path.join(__dirname, 'emails', template), 'utf8');
-    const compiledTemplate = handlebars.compile(source);
-    const options = () => {
-      return {
-        // Header address should contain name-addr
-        from:
-          `"${process.env.EMAIL_FROM_NAME || process.env.APP_TITLE}"` +
-          `<${process.env.EMAIL_FROM}>`,
-        to: `"${payload.name}" <${email}>`,
-        envelope: {
-          // Envelope from should contain addr-spec
-          // Mistake in the Nodemailer documentation?
-          from: process.env.EMAIL_FROM,
-          to: email,
-        },
-        subject: subject,
-        html: compiledTemplate(payload),
-      };
+    const mailOptions = {
+      // Header address should contain name-addr
+      from: fromAddress,
+      to: toAddress,
+      envelope: {
+        // Envelope from should contain addr-spec
+        // Mistake in the Nodemailer documentation?
+        from: fromEmail,
+        to: email,
+      },
+      subject: subject,
+      html: html,
     };
 
-    // Send email
-    return await transporter.sendMail(options());
+    return await sendEmailViaSMTP({ transporterOptions, mailOptions });
   } catch (error) {
     if (throwError) {
       throw error;
diff --git a/api/strategies/localStrategy.js b/api/strategies/localStrategy.js
@@ -29,6 +29,12 @@ async function passportLogin(req, email, password, done) {
       return done(null, false, { message: 'Email does not exist.' });
     }
 
+    if (!user.password) {
+      logError('Passport Local Strategy - User has no password', { email });
+      logger.error(`[Login] [Login failed] [Username: ${email}] [Request-IP: ${req.ip}]`);
+      return done(null, false, { message: 'Email does not exist.' });
+    }
+
     const isMatch = await comparePassword(user, password);
     if (!isMatch) {
       logError('Passport Local Strategy - Password does not match', { isMatch });
diff --git a/packages/data-schemas/jest.config.mjs b/packages/data-schemas/jest.config.mjs
@@ -5,6 +5,7 @@ export default {
   testResultsProcessor: 'jest-junit',
   moduleNameMapper: {
     '^@src/(.*)$': '<rootDir>/src/$1',
+    '^~/(.*)$': '<rootDir>/src/$1',
   },
   // coverageThreshold: {
   //   global: {
@@ -16,4 +17,4 @@ export default {
   // },
   restoreMocks: true,
   testTimeout: 15000,
-};
+};
diff --git a/packages/data-schemas/src/methods/user.test.ts b/packages/data-schemas/src/methods/user.test.ts
diff --git a/packages/data-schemas/src/methods/user.ts b/packages/data-schemas/src/methods/user.ts
