mirror of
https://github.com/dreamhunter2333/cloudflare_temp_email.git
synced 2026-05-11 01:51:19 +08:00
c5893a2944
* chore: upgrade dependencies - dompurify 3.3.1 → 3.3.2 - naive-ui 2.43.2 → 2.44.0 - vue-i18n 11.2.8 → 11.3.0 - @cloudflare/workers-types 4.20260305.1 → 4.20260307.1 - @types/node 25.3.3 → 25.3.5 - wrangler 4.70.0 → 4.71.0 (all subprojects) * feat: upgrade @simplewebauthn packages from v10 to v13 Breaking changes addressed: - [v11] startRegistration/startAuthentication now take object param - [v11] registrationInfo.credential replaces flat destructuring - [v11] authenticator param renamed to credential in verifyAuthenticationResponse - [v13] @simplewebauthn/types removed, types imported from @simplewebauthn/server Packages: - @simplewebauthn/server: 10.0.1 → 13.2.3 - @simplewebauthn/browser: 10.0.0 → 13.2.2 - @simplewebauthn/types: removed (deprecated) * test: add passkey API E2E tests - User registration and login flow - register_request/authenticate_request return valid WebAuthn options - authenticate_response with invalid credential returns 404 - register_response with invalid credential returns error - Passkey list empty for new user - Rename/delete operations with validation * fix: use UI login instead of localStorage injection in browser passkey test The localStorage approach doesn't work with VueUse's useStorage because it doesn't detect external changes during page navigation. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: hash password before registration to match frontend login behavior The frontend hashes passwords with SHA-256 before sending to the API. Registration via API must use the same hashed password so that UI login matches the stored value. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: allow crypto.subtle in Docker browser tests The frontend uses crypto.subtle for password hashing, which requires a secure context (HTTPS or localhost). In Docker, the frontend runs at http://frontend:5173 which is not a secure context. Add Chromium flag to treat this origin as secure. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: serve frontend over HTTPS in Docker for WebAuthn secure context WebAuthn (navigator.credentials) and crypto.subtle both require a secure context (HTTPS or localhost). The Docker frontend was serving over HTTP, making passkey operations impossible. Changes: - Generate self-signed cert in Dockerfile.frontend - Configure Vite to serve over HTTPS - Update FRONTEND_URL to https:// - Add ignoreHTTPSErrors to Playwright browser config - Use localStorage injection for passkey test login Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: add Vite proxy to avoid mixed-content blocking in HTTPS Docker frontend HTTPS pages cannot make HTTP API requests (mixed content). Add a Vite proxy for all API paths so the browser makes same-origin HTTPS requests, which Vite proxies to the HTTP worker server-to-server. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: store userJwt without JSON.stringify in localStorage VueUse's useStorage with a string default uses raw string serialization (no JSON wrapping). Using JSON.stringify added double quotes around the JWT token, causing 401 Unauthorized from the worker. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * refactor: clean up passkey API test per review feedback Remove unused variables and rename test to match actual behavior. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Cloudflare Temp Email - Free Temporary Email Service
This project is for learning and personal use only. Please do not use it for any illegal activities, or you will be responsible for the consequences.
A fully-featured temporary email service!
- Completely Free - Built on Cloudflare's free services with zero cost
- High Performance - Rust WASM email parsing for extremely fast response
- Modern UI - Responsive design with multi-language support and easy operation
- Address Password - Support setting individual passwords for email addresses to enhance security (enabled via
ENABLE_ADDRESS_PASSWORD)
Deployment Documentation - Quick Start
Documentation | Github Action Deployment Guide
Changelog
See CHANGELOG for the latest updates.
Live Demo
Try it now → https://mail.awsl.uk/
Star History (Click to expand/collapse)
Table of Contents (Click to expand/collapse)
Core Features
Core Features Details (Click to expand/collapse)
Email Processing
- Use
rust wasmto parse emails, with fast parsing speed. Almost all emails can be parsed. Even emails that Node.js parsing modules fail to parse can be successfully parsed by rust wasm - AI Email Recognition - Use Cloudflare Workers AI to automatically extract verification codes, authentication links, service links and other important information from emails
- Support sending emails with
DKIMverification - Support multiple sending methods such as
SMTPandResend - Add attachment viewing feature with support for displaying attachment images
- Support S3 attachment storage and deletion
- Spam detection and blacklist/whitelist configuration
- Email forwarding feature with global forwarding address support
User Management
- Use
credentialsto log in to previously used mailboxes - Add complete user registration and login functionality. Users can bind email addresses and automatically obtain email JWT credentials to switch between different mailboxes after binding
- Support
OAuth2third-party login (Github, Authentik, etc.) - Support
Passkeypasswordless login - User role management with support for multi-role domain and prefix configuration
- User inbox viewing with address and keyword filtering support
Admin Features
- Complete admin console
- Create mailboxes without prefix in
adminbackend - Admin user management page with user address viewing feature
- Scheduled cleanup function with support for multiple cleanup strategies
- Get mailboxes with custom names,
admincan configure blacklist - Add access password for use as a private site
Multi-language & Interface
- Both frontend and backend support multi-language
- Modern UI design with responsive layout
- Google Ads integration support
- Use shadow DOM to prevent style pollution
- Support URL JWT parameter auto-login
Integration & Extensions
- Complete
Telegram Botsupport,Telegrampush notifications, and Telegram Bot mini app - Add
SMTP proxy serversupportingSMTPfor sending emails andIMAPfor viewing emails - Webhook support and message push integration
- Support
CF TurnstileCAPTCHA verification - Rate limiting configuration to prevent abuse
Technical Architecture
Technical Architecture Details (Click to expand/collapse)
System Architecture
- Database: Cloudflare D1 as the main database
- Frontend Deployment: Deploy frontend using Cloudflare Pages
- Backend Deployment: Deploy backend using Cloudflare Workers
- Email Routing: Use Cloudflare Email Routing
Tech Stack
- Frontend: Vue 3 + Vite + TypeScript
- Backend: TypeScript + Cloudflare Workers
- Email Parsing: Rust WASM (mail-parser-wasm)
- Database: Cloudflare D1 (SQLite)
- Storage: Cloudflare KV + R2 (optional S3)
- Proxy Service: Python SMTP/IMAP Proxy Server
Main Components
- Worker: Core backend service
- Frontend: Vue 3 user interface
- Mail Parser WASM: Rust email parsing module
- SMTP Proxy Server: Python email proxy service
- Pages Functions: Cloudflare Pages middleware
- Documentation: VitePress documentation site
Important Notes
- When adding domain records in Resend, if your DNS provider is hosting your 3rd level domain a.b.com, please remove the 2nd level domain prefix b from the default name generated by Resend, otherwise it will add a.b.b.com, causing verification to fail. After adding the record, you can verify it using:
nslookup -qt="mx" a.b.com 1.1.1.1