From f29fcb535e8d45be3bf5518cfd0c8db4608626e1 Mon Sep 17 00:00:00 2001
From: janost <janost@users.noreply.github.com>
Date: Sun, 22 Nov 2020 01:06:19 +0100
Subject: [PATCH] Allow setting SMTP auth password from file via
 SMTP_PASSWORD_FILE

---
 src/config.rs | 27 +++++++++++++++++++++++++--
 src/mail.rs   |  4 ++--
 2 files changed, 27 insertions(+), 4 deletions(-)

diff --git a/src/config.rs b/src/config.rs
index 60dc317c..b58b5376 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -1,3 +1,4 @@
+use std::fs;
 use std::process::exit;
 use std::sync::RwLock;
 
@@ -430,6 +431,10 @@ make_config! {
         smtp_username:                 String, true,   option;
         /// Password
         smtp_password:                 Pass,   true,   option;
+        /// Password file
+        smtp_password_file:            String, true,   option;
+        /// Field to store the actual SMTP password
+        smtp_password_used:            String, false,  gen,      |c| decide_smtp_password(&c.smtp_password, &c.smtp_password_file);
         /// SMTP Auth mechanism |> Defaults for SSL is "Plain" and "Login" and nothing for Non-SSL connections. Possible values: ["Plain", "Login", "Xoauth2"]. Multiple options need to be separated by a comma ','.
         smtp_auth_mechanism:           String, true,   option;
         /// SMTP connection timeout |> Number of seconds when to stop trying to connect to the SMTP server
@@ -510,8 +515,12 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> {
             err!("Both `SMTP_HOST` and `SMTP_FROM` need to be set for email support")
         }
 
-        if cfg.smtp_username.is_some() != cfg.smtp_password.is_some() {
-            err!("Both `SMTP_USERNAME` and `SMTP_PASSWORD` need to be set to enable email authentication")
+        if cfg.smtp_username.is_some() && (cfg.smtp_password.is_some() && cfg.smtp_password_file.is_some()) {
+          err!("When `SMTP_USERNAME` is set, only one of `SMTP_PASSWORD` or `SMTP_PASSWORD_FILE` must be set to enable email authentication")
+        }
+
+        if cfg.smtp_password.is_some() && cfg.smtp_password_file.is_some() {
+          err!("Only one of the following can be set at once: `SMTP_PASSWORD`, `SMTP_PASSWORD_FILE`")
         }
 
         if cfg._enable_email_2fa && (!cfg._enable_smtp || cfg.smtp_host.is_none()) {
@@ -553,6 +562,20 @@ fn extract_url_path(url: &str) -> String {
     }
 }
 
+fn decide_smtp_password(smtp_password: &Option<String>, smtp_password_file: &Option<String>) -> String {
+  match smtp_password_file {
+    Some(f) => {
+      fs::read_to_string(f).expect("Error loading SMTP password file")
+    },
+    None => {
+      match smtp_password {
+        Some(p) => p.to_string(),
+        None => "".to_string()
+      }
+    }
+  }
+}
+
 impl Config {
     pub fn load() -> Result<Self, Error> {
         // Loading from env and file
diff --git a/src/mail.rs b/src/mail.rs
index 7419169a..b8aaf3f1 100644
--- a/src/mail.rs
+++ b/src/mail.rs
@@ -47,8 +47,8 @@ fn mailer() -> SmtpTransport {
         smtp_client
     };
 
-    let smtp_client = match (CONFIG.smtp_username(), CONFIG.smtp_password()) {
-        (Some(user), Some(pass)) => smtp_client.credentials(Credentials::new(user, pass)),
+    let smtp_client = match (CONFIG.smtp_username(), CONFIG.smtp_password_used()) {
+        (Some(user), pass) => smtp_client.credentials(Credentials::new(user, pass)),
         _ => smtp_client,
     };