Add senderEmail and senderName to Organisation schema, refactor how org data is loaded

Author: mphasize

app/lib/auth.server.ts

@@ -8,6 +8,7 @@ import { mailjetSend } from "./email.server";
 import { prisma, throwErrorResponse } from "./prisma.server";
 import { requireAccessToProgram } from "./program.server";
 import { createUser } from "./user.server";
+import { getOrg } from "./organisation.server";
 
 const sessionSecret = process.env.SESSION_SECRET;
 if (!sessionSecret) {
@@ -248,6 +249,7 @@ export async function logout(request: Request) {
 }
 
 export async function sendPasswordResetLink(user: User) {
+	const org = await getOrg();
 	const reset = await prisma.userPasswordReset
 		.upsert({
 			where: {
@@ -279,8 +281,12 @@ export async function sendPasswordResetLink(user: User) {
 			Messages: [
 				{
 					From: {
-						Email: "registrations@certificates.unternehmertum.de",
-						Name: "UnternehmerTUM Certificates",
+						Email:
+							org.senderEmail ??
+							"email-not-configured@example.com",
+						Name:
+							org.senderName ??
+							"Please configure in organisation settings",
 					},
 					To: [
 						{
@@ -289,8 +295,8 @@ export async function sendPasswordResetLink(user: User) {
 						},
 					],
 					Subject: `Reset your password`,
-					TextPart: `Dear ${user.firstName} ${user.lastName},\n\nTo reset your password for UnternehmerTUM Certificates, please click on the following link:\n${resetUrl}\n\nIf you haven't requested this password reset, please ignore or report this email.\n\nThank you!`,
-					HTMLPart: `<p>Dear ${user.firstName} ${user.lastName},</p><p>To reset your password for UnternehmerTUM Certificates, please click on the following link:<br /><a href="${resetUrl}">${resetUrl}</a></p><p>If you haven't requested this password reset, please ignore or report this email.</p><p>Thank you!</p>`,
+					TextPart: `Dear ${user.firstName} ${user.lastName},\n\nTo reset your password for ${org.name} Certificates, please click on the following link:\n${resetUrl}\n\nIf you haven't requested this password reset, please ignore or report this email.\n\nThank you!`,
+					HTMLPart: `<p>Dear ${user.firstName} ${user.lastName},</p><p>To reset your password for ${org.name} Certificates, please click on the following link:<br /><a href="${resetUrl}">${resetUrl}</a></p><p>If you haven't requested this password reset, please ignore or report this email.</p><p>Thank you!</p>`,
 				},
 			],
 		}).catch((/*error*/) => {

app/lib/organisation.server.ts

@@ -0,0 +1,67 @@
+import type { Organisation, Prisma } from "@prisma/client";
+import { prisma } from "./prisma.server";
+
+export type PublicOrganisation = Prisma.OrganisationGetPayload<{
+	select: {
+		name: true;
+		imprintUrl: true;
+		privacyUrl: true;
+	};
+}>;
+
+let org: Organisation | null = null;
+let publicOrg: PublicOrganisation | null = null;
+
+export async function getOrg(): Promise<Organisation> {
+	if (org === null) {
+		// not cached yet
+
+		org = await prisma.organisation.findUnique({
+			where: {
+				id: 1,
+			},
+		});
+
+		if (org === null) {
+			// not found in database
+			org = {
+				id: 1,
+				name: "(Configure Organisation)",
+				imprintUrl: null,
+				privacyUrl: null,
+				senderEmail: null,
+				senderName: null,
+			};
+		}
+	}
+
+	return org;
+}
+
+export async function getPublicOrg(): Promise<PublicOrganisation> {
+	if (publicOrg === null) {
+		// not cached yet
+
+		publicOrg = await prisma.organisation.findUnique({
+			where: {
+				id: 1,
+			},
+			select: {
+				name: true,
+				imprintUrl: true,
+				privacyUrl: true,
+			},
+		});
+
+		if (publicOrg === null) {
+			// not found in database
+			publicOrg = {
+				name: "(Configure Organisation)",
+				imprintUrl: null,
+				privacyUrl: null,
+			};
+		}
+	}
+
+	return publicOrg;
+}

app/lib/user.server.ts

@@ -15,6 +15,7 @@ import { domain } from "./config.server";
 import { mailjetSend } from "./email.server";
 import { ensureFolderExists, readFileIfExists } from "./fs.server";
 import { prisma, throwErrorResponse } from "./prisma.server";
+import { getOrg } from "./organisation.server";
 
 const __dirname = fileURLToPath(new URL(".", import.meta.url));
 const userPhotoDir = resolve(__dirname, "../../storage/user/photos");
@@ -32,6 +33,7 @@ export const createUser = async (user: RegisterForm) => {
       verifyCode,
     },
   });
+
   await sendVerificationEmail(newUser);
   return { id: newUser.id, email: emailLowerCase };
 };
@@ -76,6 +78,7 @@ export const createUserInvitation = async (
 };
 
 export const sendVerificationEmail = async (user: User) => {
+  const org = await getOrg();
   // @todo test for user-enumeration vulnerability
   const verificationUrl = `${domain}/user/verify/${user.id}/${user.verifyCode}`;
 
@@ -84,8 +87,8 @@ export const sendVerificationEmail = async (user: User) => {
     Messages: [
       {
         From: {
-          Email: "registrations@certificates.unternehmertum.de",
-          Name: "UnternehmerTUM Certificates",
+          Email: org.senderEmail ?? "email-not-configured@example.com",
+          Name: org.senderName ?? "Please configure in organisation settings",
         },
         To: [
           {
@@ -94,8 +97,8 @@ export const sendVerificationEmail = async (user: User) => {
           },
         ],
         Subject: `Please verify your email`,
-        TextPart: `Dear ${user.firstName} ${user.lastName},\n\nTo complete your sign up for UnternehmerTUM Certificates, please click on the following link:\n${verificationUrl}\n\nIf you haven't signed up yourself, please ignore or report this email.\n\nThank you!`,
-        HTMLPart: `<p>Dear ${user.firstName} ${user.lastName},</p><p>To complete your sign up for UnternehmerTUM Certificates, please click on the following link:<br /><a href="${verificationUrl}">${verificationUrl}</a></p><p>If you haven't signed up yourself, please ignore or report this email.</p><p>Thank you!</p>`,
+        TextPart: `Dear ${user.firstName} ${user.lastName},\n\nTo complete your sign up for ${org.name} Certificates, please click on the following link:\n${verificationUrl}\n\nIf you haven't signed up yourself, please ignore or report this email.\n\nThank you!`,
+        HTMLPart: `<p>Dear ${user.firstName} ${user.lastName},</p><p>To complete your sign up for ${org.name} Certificates, please click on the following link:<br /><a href="${verificationUrl}">${verificationUrl}</a></p><p>If you haven't signed up yourself, please ignore or report this email.</p><p>Thank you!</p>`,
       },
     ],
   }).catch((error) => {
@@ -112,34 +115,39 @@ export const sendInvitationEmail = async (
   invite: UserInvitation,
   from: UserInvitationSender | null,
 ) => {
+  const org = await getOrg();
   // @todo dynamic org name from database
   const acceptUrl = `${domain}/user/accept-invite/${invite.id}/${invite.verifyCode}`;
 
   const text = `Dear ${invite.firstName} ${invite.lastName},\n\n${
     from
       ? `${from.firstName} ${from.lastName} is inviting you`
       : "You have been invited"
-  } to become an admiminstrator for the UnternehmerTUM certificates tool.\n\nTo accept the invitation, please click on the following link:\n${acceptUrl}\n\nThank you!`;
+  } to become an admiminstrator for the ${
+    org.name
+  } certificates tool.\n\nTo accept the invitation, please click on the following link:\n${acceptUrl}\n\nThank you!`;
   const html = `<p>Dear ${invite.firstName} ${invite.lastName},</p><p>${
     from
       ? `${from.firstName} ${from.lastName} is inviting you`
       : "You have been invited"
-  } to become an admiminstrator for the UnternehmerTUM certificates tool.</p><p>To accept the invitation, please click on the following link:<br /><a href="${acceptUrl}">${acceptUrl}</a></p><p>Thank you!</p>`;
+  } to become an admiminstrator for the ${
+    org.name
+  } certificates tool.</p><p>To accept the invitation, please click on the following link:<br /><a href="${acceptUrl}">${acceptUrl}</a></p><p>Thank you!</p>`;
 
   await mailjetSend({
     Messages: [
       {
         From: {
-          Email: "invitation@certificates.unternehmertum.de",
-          Name: "UnternehmerTUM Certificates",
+          Email: org.senderEmail ?? "email-not-configured@example.com",
+          Name: org.senderName ?? "Please configure in organisation settings",
         },
         To: [
           {
             Email: invite.email,
             Name: `${invite.firstName} ${invite.lastName}`,
           },
         ],
-        Subject: `You have been invited to UnternehmerTUM Certificates`,
+        Subject: `You have been invited to ${org.name} Certificates`,
         TextPart: text,
         HTMLPart: html,
       },
@@ -165,7 +173,7 @@ export async function saveTransparentPhotoUpload(
 
   const filepath = `${userPhotoDir}/${userPhoto.id}.transparent.png`;
   await lazyWriteFile(filepath, photo);
-  return await lazyOpenFile(filepath);
+  return lazyOpenFile(filepath);
 }
 
 export async function readPhoto(userPhoto: UserPhoto) {

app/routes/_index.tsx

@@ -21,6 +21,7 @@ import {
 
 import { requireUserId, getUser, logout } from "~/lib/auth.server";
 import { prisma } from "~/lib/prisma.server";
+import { getPublicOrg } from "~/lib/organisation.server";
 
 export function meta({ data }: Route.MetaArgs) {
   return [
@@ -40,28 +41,10 @@ export async function loader({ request }: Route.LoaderArgs) {
 
   if (!user) {
     return await logout(request);
-    /* return new Response(null, {
-      status: 500,
-      statusText: "Error while retrieving user information.",
-    }); */
   }
 
   // @todo parallelize DB requests instead of awaiting each one
-
-  let org = await prisma.organisation.findUnique({
-    where: {
-      id: 1,
-    },
-  });
-
-  if (!org) {
-    org = {
-      id: 1,
-      name: "Unknown Organisation",
-      imprintUrl: null,
-      privacyUrl: null,
-    };
-  }
+  const org = await getPublicOrg();
 
   const certificates = await prisma.certificate.findMany({
     where: {

app/routes/cert.$certUuid.notify.ts

@@ -5,6 +5,7 @@ import slug from "slug";
 import { requireAdmin } from "~/lib/auth.server";
 import { domain } from "~/lib/config.server";
 import { mailjetSend } from "~/lib/email.server";
+import { getOrg } from "~/lib/organisation.server";
 import { generateCertificate } from "~/lib/pdf.server";
 import { prisma } from "~/lib/prisma.server";
 
@@ -34,18 +35,7 @@ export async function action({ request, params }: Route.ActionArgs) {
     });
   }
 
-  const org = await prisma.organisation.findUnique({
-    where: {
-      id: 1,
-    },
-  });
-
-  if (!org) {
-    throw new Response(null, {
-      status: 500,
-      statusText: "Missing organisation",
-    });
-  }
+  const org = await getOrg();
 
   const social = await prisma.socialPreview.findUnique({
     where: {
@@ -110,8 +100,8 @@ export async function action({ request, params }: Route.ActionArgs) {
         // @ts-expect-error CustomId is missing from the Message type
         CustomId: certificate.uuid,
         From: {
-          Email: "notifications@certificates.unternehmertum.de",
-          Name: `${org.name} Certificates`,
+          Email: org.senderEmail ?? "email-not-configured@example.com",
+          Name: org.senderName ?? "Please configure in organisation settings",
         },
         To: [
           {

app/routes/org.settings.tsx

@@ -15,6 +15,7 @@ import { Input } from "~/components/ui/input";
 import { Label } from "~/components/ui/label";
 
 import { requireSuperAdmin } from "~/lib/auth.server";
+import { getOrg } from "~/lib/organisation.server";
 import { prisma } from "~/lib/prisma.server";
 
 export function meta() {
@@ -44,20 +45,7 @@ export async function action({ request }: Route.ActionArgs) {
 
 export async function loader({ request }: Route.LoaderArgs) {
   await requireSuperAdmin(request);
-
-  const org = await prisma.organisation.findUnique({
-    where: {
-      id: 1,
-    },
-  });
-
-  if (!org) {
-    throw new Response(null, {
-      status: 404,
-      statusText: "Not Found",
-    });
-  }
-
+  const org = await getOrg();
   return { org };
 }
 

app/routes/org.tsx

@@ -15,6 +15,7 @@ import { TooltipProvider } from "~/components/ui/tooltip";
 import { requireAdmin, getUser } from "~/lib/auth.server";
 import { getProgramsByAdmin } from "~/lib/program.server";
 import { prisma } from "~/lib/prisma.server";
+import { getOrg } from "~/lib/organisation.server";
 
 export function meta({ data }: Route.MetaArgs) {
   return [{ title: `${data?.org?.name} Certificates` }];
@@ -24,20 +25,7 @@ export async function loader({ request, params }: Route.LoaderArgs) {
   const adminId = await requireAdmin(request);
   const user = await getUser(request);
 
-  let org = await prisma.organisation.findUnique({
-    where: {
-      id: 1,
-    },
-  });
-
-  if (!org) {
-    org = {
-      id: 1,
-      name: "Unknown Organisation",
-      imprintUrl: null,
-      privacyUrl: null,
-    };
-  }
+  const org = await getOrg();
 
   const programs = await getProgramsByAdmin(adminId);
 

app/routes/user.accept-invite.$inviteId.$code.tsx

@@ -24,6 +24,7 @@ import {
 
 import { createUserSessionAndRedirect } from "~/lib/auth.server";
 import { prisma } from "~/lib/prisma.server";
+import { getPublicOrg } from "~/lib/organisation.server";
 
 export async function action({ request, params }: Route.ActionArgs) {
 	if (params.inviteId && params.code) {
@@ -123,12 +124,7 @@ export async function loader({ params }: Route.LoaderArgs) {
 			});
 		}
 
-		const org = await prisma.organisation.findUnique({
-			where: {
-				id: 1,
-			},
-		});
-
+		const org = await getPublicOrg();
 		return { invite, org };
 	}
 

app/routes/user.forgot-password.tsx

@@ -11,6 +11,7 @@ import {
 	CardTitle,
 } from "~/components/ui/card";
 import { getUser, sendPasswordResetLink } from "~/lib/auth.server";
+import { getPublicOrg } from "~/lib/organisation.server";
 import { prisma } from "~/lib/prisma.server";
 import { validateEmail } from "~/lib/validators.server";
 
@@ -65,15 +66,7 @@ export async function loader({ request }: Route.LoaderArgs) {
 	const user = await getUser(request);
 	if (user) return redirect("/");
 
-	const org = await prisma.organisation.findUnique({
-		where: { id: 1 },
-		select: {
-			name: true,
-			imprintUrl: true,
-			privacyUrl: true,
-		},
-	});
-
+	const org = await getPublicOrg();
 	return { org };
 }