tenseleyflow/shithub / f171069

+// SPDX-License-Identifier: AGPL-3.0-or-later

+

+package email

+

+import (

+	"bytes"

+	"context"

+	"encoding/json"

+	"fmt"

+	"io"

+	"net/http"

+	"time"

+)

+

+// ResendSender posts messages to the Resend transactional API

+// (https://resend.com). Same shape as PostmarkSender — one HTTP POST per

+// message, no templating, no batching. Resend's value vs. Postmark is

+// near-instant onboarding (no human approval queue), which is why we

+// keep both implementations selectable per-deploy.

+type ResendSender struct {

+	APIKey   string // Bearer token; ops creates this in the Resend dashboard

+	From     string // verified sender address; domain must be verified in Resend

+	Endpoint string // optional override; defaults to resendAPI for tests

+	HTTP     *http.Client

+}

+

+// resendAPI is the canonical endpoint. Hard-coded — Resend is SaaS.

+const resendAPI = "https://api.resend.com/emails"

+

+// resendPayload is the request body shape. The field names match

+// Resend's documented JSON keys (lowercase singular).

+type resendPayload struct {

+	From    string `json:"from"`

+	To      string `json:"to"`

+	Subject string `json:"subject"`

+	HTML    string `json:"html"`

+	Text    string `json:"text"`

+}

+

+// Send implements Sender.

+func (r *ResendSender) Send(ctx context.Context, m Message) error {

+	if m.From == "" {

+		m.From = r.From

+	}

+	body, err := json.Marshal(resendPayload(m))

+	if err != nil {

+		return fmt.Errorf("resend: marshal: %w", err)

+	}

+

+	endpoint := r.Endpoint

+	if endpoint == "" {

+		endpoint = resendAPI

+	}

+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, endpoint, bytes.NewReader(body))

+	if err != nil {

+		return fmt.Errorf("resend: request: %w", err)

+	}

+	req.Header.Set("Accept", "application/json")

+	req.Header.Set("Content-Type", "application/json")

+	req.Header.Set("Authorization", "Bearer "+r.APIKey)

+

+	client := r.HTTP

+	if client == nil {

+		client = &http.Client{Timeout: 10 * time.Second}

+	}

+	resp, err := client.Do(req)

+	if err != nil {

+		return fmt.Errorf("resend: send: %w", err)

+	}

+	defer func() { _ = resp.Body.Close() }()

+

+	if resp.StatusCode/100 != 2 {

+		// Resend returns a JSON error body like {"name":"...", "message":"..."}.

+		// Surface a snippet so operators can debug bad keys / unverified

+		// domains without re-running with curl.

+		snippet, _ := io.ReadAll(io.LimitReader(resp.Body, 512))

+		return fmt.Errorf("resend: status %d: %s", resp.StatusCode, bytes.TrimSpace(snippet))

+	}

+	return nil

+}

+// SPDX-License-Identifier: AGPL-3.0-or-later

+

+package email

+

+import (

+	"context"

+	"encoding/json"

+	"io"

+	"net/http"

+	"net/http/httptest"

+	"strings"

+	"testing"

+)

+

+func TestResendSender_Send_SuccessShapesRequest(t *testing.T) {

+	t.Parallel()

+	var (

+		gotMethod string

+		gotPath   string

+		gotAuth   string

+		gotCT     string

+		gotBody   resendPayload

+	)

+	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

+		gotMethod = r.Method

+		gotPath = r.URL.Path

+		gotAuth = r.Header.Get("Authorization")

+		gotCT = r.Header.Get("Content-Type")

+		raw, _ := io.ReadAll(r.Body)

+		_ = json.Unmarshal(raw, &gotBody)

+		w.WriteHeader(http.StatusOK)

+		_, _ = w.Write([]byte(`{"id":"00000000-0000-0000-0000-000000000000"}`))

+	}))

+	defer srv.Close()

+

+	s := &ResendSender{

+		APIKey:   "re_test_secret",

+		From:     "noreply@shithub.sh",

+		Endpoint: srv.URL,

+	}

+	err := s.Send(context.Background(), Message{

+		To: "alice@example.com", Subject: "hi", HTML: "<b>hi</b>", Text: "hi",

+	})

+	if err != nil {

+		t.Fatalf("Send: %v", err)

+	}

+	if gotMethod != http.MethodPost {

+		t.Errorf("method = %q, want POST", gotMethod)

+	}

+	if gotPath != "/" {

+		t.Errorf("path = %q, want /", gotPath)

+	}

+	if gotAuth != "Bearer re_test_secret" {

+		t.Errorf("Authorization = %q, want Bearer re_test_secret", gotAuth)

+	}

+	if gotCT != "application/json" {

+		t.Errorf("Content-Type = %q, want application/json", gotCT)

+	}

+	if gotBody.From != "noreply@shithub.sh" {

+		t.Errorf("body.From = %q, want default From", gotBody.From)

+	}

+	if gotBody.To != "alice@example.com" || gotBody.Subject != "hi" ||

+		gotBody.HTML != "<b>hi</b>" || gotBody.Text != "hi" {

+		t.Errorf("body fields wrong: %+v", gotBody)

+	}

+}

+

+func TestResendSender_Send_PerMessageFromOverridesDefault(t *testing.T) {

+	t.Parallel()

+	var gotFrom string

+	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

+		var p resendPayload

+		raw, _ := io.ReadAll(r.Body)

+		_ = json.Unmarshal(raw, &p)

+		gotFrom = p.From

+		w.WriteHeader(http.StatusOK)

+	}))

+	defer srv.Close()

+

+	s := &ResendSender{APIKey: "k", From: "default@x", Endpoint: srv.URL}

+	if err := s.Send(context.Background(), Message{

+		From: "override@x", To: "a@x", Subject: "s", HTML: "H", Text: "T",

+	}); err != nil {

+		t.Fatalf("Send: %v", err)

+	}

+	if gotFrom != "override@x" {

+		t.Errorf("From = %q, want override@x", gotFrom)

+	}

+}

+

+func TestResendSender_Send_PropagatesAPIError(t *testing.T) {

+	t.Parallel()

+	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {

+		w.WriteHeader(http.StatusUnauthorized)

+		_, _ = w.Write([]byte(`{"name":"missing_api_key","message":"API key is missing"}`))

+	}))

+	defer srv.Close()

+

+	s := &ResendSender{APIKey: "bad", From: "noreply@x", Endpoint: srv.URL}

+	err := s.Send(context.Background(), Message{To: "a@x", Subject: "s", HTML: "H", Text: "T"})

+	if err == nil {

+		t.Fatal("expected error on 401, got nil")

+	}

+	if !strings.Contains(err.Error(), "401") {

+		t.Errorf("error missing status code: %v", err)

+	}

+	if !strings.Contains(err.Error(), "missing_api_key") {

+		t.Errorf("error missing API body snippet: %v", err)

+	}

+}