feat: implement email sending functionality via Resend service

2026-05-10 17:43:06 +08:00 · 2025-06-21 23:50:46 +08:00
parent 9d55564073
commit e85f6b04bd
27 changed files with 2347 additions and 467 deletions
--- a/app/api/config/email-service/route.ts
+++ b/app/api/config/email-service/route.ts
@@ -0,0 +1,99 @@
+import { NextResponse } from "next/server"
+import { getRequestContext } from "@cloudflare/next-on-pages"
+import { checkPermission } from "@/lib/auth"
+import { PERMISSIONS } from "@/lib/permissions"
+import { EMAIL_CONFIG } from "@/config"
+
+export const runtime = "edge"
+
+interface EmailServiceConfig {
+  enabled: boolean
+  apiKey: string
+  roleLimits: {
+    duke?: number
+    knight?: number
+  }
+}
+
+export async function GET() {
+  const canAccess = await checkPermission(PERMISSIONS.MANAGE_CONFIG)
+
+  if (!canAccess) {
+    return NextResponse.json({
+      error: "权限不足"
+    }, { status: 403 })
+  }
+
+  try {
+    const env = getRequestContext().env
+    const [enabled, apiKey, roleLimits] = await Promise.all([
+      env.SITE_CONFIG.get("EMAIL_SERVICE_ENABLED"),
+      env.SITE_CONFIG.get("RESEND_API_KEY"),
+      env.SITE_CONFIG.get("EMAIL_ROLE_LIMITS")
+    ])
+
+    const customLimits = roleLimits ? JSON.parse(roleLimits) : {}
+    
+    const finalLimits = {
+      duke: customLimits.duke !== undefined ? customLimits.duke : EMAIL_CONFIG.DEFAULT_DAILY_SEND_LIMITS.duke,
+      knight: customLimits.knight !== undefined ? customLimits.knight : EMAIL_CONFIG.DEFAULT_DAILY_SEND_LIMITS.knight,
+    }
+
+    return NextResponse.json({
+      enabled: enabled === "true",
+      apiKey: apiKey || "",
+      roleLimits: finalLimits
+    })
+  } catch (error) {
+    console.error("Failed to get email service config:", error)
+    return NextResponse.json(
+      { error: "获取 Resend 发件服务配置失败" },
+      { status: 500 }
+    )
+  }
+}
+
+export async function POST(request: Request) {
+  const canAccess = await checkPermission(PERMISSIONS.MANAGE_CONFIG)
+
+  if (!canAccess) {
+    return NextResponse.json({
+      error: "权限不足"
+    }, { status: 403 })
+  }
+
+  try {
+    const config = await request.json() as EmailServiceConfig
+
+    if (config.enabled && !config.apiKey) {
+      return NextResponse.json(
+        { error: "启用 Resend 时，API Key 为必填项" },
+        { status: 400 }
+      )
+    }
+
+    const env = getRequestContext().env
+    
+    const customLimits: { duke?: number; knight?: number } = {}
+    if (config.roleLimits?.duke !== undefined) {
+      customLimits.duke = config.roleLimits.duke
+    }
+    if (config.roleLimits?.knight !== undefined) {
+      customLimits.knight = config.roleLimits.knight
+    }
+
+    await Promise.all([
+      env.SITE_CONFIG.put("EMAIL_SERVICE_ENABLED", config.enabled.toString()),
+      env.SITE_CONFIG.put("RESEND_API_KEY", config.apiKey),
+      env.SITE_CONFIG.put("EMAIL_ROLE_LIMITS", JSON.stringify(customLimits))
+    ])
+
+    return NextResponse.json({ success: true })
+  } catch (error) {
+    console.error("Failed to save email service config:", error)
+    return NextResponse.json(
+      { error: "保存 Resend 发件服务配置失败" },
+      { status: 500 }
+    )
+  }
+} 
--- a/app/api/emails/[id]/[messageId]/route.ts
+++ b/app/api/emails/[id]/[messageId]/route.ts
@@ -93,10 +93,13 @@ export async function GET(_request: Request, { params }: { params: Promise<{ id:
      message: {
        id: message.id,
        from_address: message.fromAddress,
+        to_address: message.toAddress,
        subject: message.subject,
        content: message.content,
        html: message.html,
-        received_at: message.receivedAt.getTime()
+        received_at: message.receivedAt.getTime(),
+        sent_at: message.receivedAt.getTime(),
+        type: message.type as 'received' | 'sent'
      }
    })
  } catch (error) {
--- a/app/api/emails/[id]/route.ts
+++ b/app/api/emails/[id]/route.ts
@@ -1,9 +1,11 @@
 import { NextResponse } from "next/server"
 import { createDb } from "@/lib/db"
 import { emails, messages } from "@/lib/schema"
-import { eq, and, lt, or, sql } from "drizzle-orm"
+import { eq, and, lt, or, sql, ne } from "drizzle-orm"
 import { encodeCursor, decodeCursor } from "@/lib/cursor"
 import { getUserId } from "@/lib/apiKey"
+import { checkBasicSendPermission } from "@/lib/send-permissions"
+
 export const runtime = "edge"

 export async function DELETE(
@@ -52,12 +54,22 @@ export async function GET(
 ) {
  const { searchParams } = new URL(request.url)
  const cursorStr = searchParams.get('cursor')
+  const messageType = searchParams.get('type')

  try {
    const db = createDb()
    const { id } = await params

    const userId = await getUserId()
+    if (messageType === 'sent') {
+      const permissionResult = await checkBasicSendPermission(userId!)
+      if (!permissionResult.canSend) {
+        return NextResponse.json(
+          { error: permissionResult.error || "您没有查看发送邮件的权限" },
+          { status: 403 }
+        )
+      }
+    }

    const email = await db.query.emails.findFirst({
      where: and(
@@ -73,7 +85,10 @@ export async function GET(
      )
    }

-    const baseConditions = eq(messages.emailId, id)
+    const baseConditions = and(
+      eq(messages.emailId, id),
+      messageType === 'sent' ? eq(messages.type, "sent") : ne(messages.type, "sent")
+    )

    const totalResult = await db.select({ count: sql<number>`count(*)` })
      .from(messages)
@@ -84,22 +99,24 @@ export async function GET(

    if (cursorStr) {
      const { timestamp, id } = decodeCursor(cursorStr)
+      const orderByTime = messageType === 'sent' ? messages.sentAt : messages.receivedAt
      conditions.push(
-        // @ts-expect-error "ignore the error"
        or(
-          lt(messages.receivedAt, new Date(timestamp)),
+          lt(orderByTime, new Date(timestamp)),
          and(
-            eq(messages.receivedAt, new Date(timestamp)),
+            eq(orderByTime, new Date(timestamp)),
            lt(messages.id, id)
          )
        )
      )
    }

+    const orderByTime = messageType === 'sent' ? messages.sentAt : messages.receivedAt
+    
    const results = await db.query.messages.findMany({
      where: and(...conditions),
      orderBy: (messages, { desc }) => [
-        desc(messages.receivedAt),
+        desc(orderByTime),
        desc(messages.id)
      ],
      limit: PAGE_SIZE + 1
@@ -108,7 +125,9 @@ export async function GET(
    const hasMore = results.length > PAGE_SIZE
    const nextCursor = hasMore 
      ? encodeCursor(
-          results[PAGE_SIZE - 1].receivedAt.getTime(),
+          messageType === 'sent' 
+            ? results[PAGE_SIZE - 1].sentAt!.getTime()
+            : results[PAGE_SIZE - 1].receivedAt.getTime(),
          results[PAGE_SIZE - 1].id
        )
      : null
@@ -117,9 +136,13 @@ export async function GET(
    return NextResponse.json({ 
      messages: messageList.map(msg => ({
        id: msg.id,
-        from_address: msg.fromAddress,
+        from_address: msg?.fromAddress,
+        to_address: msg?.toAddress,
        subject: msg.subject,
-        received_at: msg.receivedAt.getTime()
+        content: msg.content,
+        html: msg.html,
+        sent_at: msg.sentAt?.getTime(),
+        received_at: msg.receivedAt?.getTime()
      })),
      nextCursor,
      total: totalCount
--- a/app/api/emails/[id]/send/route.ts
+++ b/app/api/emails/[id]/send/route.ts
@@ -0,0 +1,134 @@
+import { NextResponse } from "next/server"
+import { auth } from "@/lib/auth"
+import { createDb } from "@/lib/db"
+import { emails, messages } from "@/lib/schema"
+import { eq } from "drizzle-orm"
+import { getRequestContext } from "@cloudflare/next-on-pages"
+import { checkSendPermission } from "@/lib/send-permissions"
+
+export const runtime = "edge"
+
+interface SendEmailRequest {
+  to: string
+  subject: string
+  content: string
+}
+
+async function sendWithResend(
+  to: string,
+  subject: string,
+  content: string,
+  fromEmail: string,
+  config: { apiKey: string }
+) {
+  const response = await fetch('https://api.resend.com/emails', {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+      'Authorization': `Bearer ${config.apiKey}`,
+    },
+    body: JSON.stringify({
+      from: fromEmail,
+      to: [to],
+      subject: subject,
+      html: content,
+    }),
+  })
+
+  if (!response.ok) {
+    const errorData = await response.json() as { message?: string }
+    console.error('Resend API error:', errorData)
+    throw new Error(errorData.message || "Resend发送失败，请稍后重试")
+  }
+
+  return { success: true }
+}
+
+export async function POST(
+  request: Request,
+  { params }: { params: Promise<{ id: string }> }
+) {
+  try {
+    const session = await auth()
+    if (!session?.user?.id) {
+      return NextResponse.json(
+        { error: "未授权" },
+        { status: 401 }
+      )
+    }
+
+    const { id } = await params
+    const db = createDb()
+
+    const permissionResult = await checkSendPermission(session.user.id)
+    if (!permissionResult.canSend) {
+      return NextResponse.json(
+        { error: permissionResult.error },
+        { status: 403 }
+      )
+    }
+    
+    const remainingEmails = permissionResult.remainingEmails
+
+    const { to, subject, content } = await request.json() as SendEmailRequest
+
+    if (!to || !subject || !content) {
+      return NextResponse.json(
+        { error: "收件人、主题和内容都是必填项" },
+        { status: 400 }
+      )
+    }
+
+    const email = await db.query.emails.findFirst({
+      where: eq(emails.id, id)
+    })
+
+    if (!email) {
+      return NextResponse.json(
+        { error: "邮箱不存在" },
+        { status: 404 }
+      )
+    }
+
+    if (email.userId !== session.user.id) {
+      return NextResponse.json(
+        { error: "无权访问此邮箱" },
+        { status: 403 }
+      )
+    }
+
+    const env = getRequestContext().env
+    const apiKey = await env.SITE_CONFIG.get("RESEND_API_KEY")
+
+    if (!apiKey) {
+      return NextResponse.json(
+        { error: "Resend 发件服务未配置，请联系管理员" },
+        { status: 500 }
+      )
+    }
+
+    await sendWithResend(to, subject, content, email.address, { apiKey })
+
+    await db.insert(messages).values({
+      emailId: email.id,
+      fromAddress: email.address,
+      toAddress: to,
+      subject,
+      content: '',
+      type: "sent",
+      html: content
+    })
+
+    return NextResponse.json({ 
+      success: true,
+      message: "邮件发送成功",
+      remainingEmails
+    })
+  } catch (error) {
+    console.error('Failed to send email:', error)
+    return NextResponse.json(
+      { error: error instanceof Error ? error.message : "发送邮件失败" },
+      { status: 500 }
+    )
+  }
+} 
--- a/app/api/emails/send-permission/route.ts
+++ b/app/api/emails/send-permission/route.ts
@@ -0,0 +1,29 @@
+import { NextResponse } from "next/server"
+import { auth } from "@/lib/auth"
+import { checkSendPermission } from "@/lib/send-permissions"
+
+export const runtime = "edge"
+
+export async function GET() {
+  try {
+    const session = await auth()
+    if (!session?.user?.id) {
+      return NextResponse.json({
+        canSend: false,
+        error: "未授权"
+      })
+    }
+    const result = await checkSendPermission(session.user.id)
+    
+    return NextResponse.json(result)
+  } catch (error) {
+    console.error('Failed to check send permission:', error)
+    return NextResponse.json(
+      { 
+        canSend: false, 
+        error: "权限检查失败" 
+      },
+      { status: 500 }
+    )
+  }
+}