port-nimara-client-portal/server/api/email/test-connection.ts

import nodemailer from 'nodemailer';
import Imap from 'imap';
import { encryptCredentials, storeCredentialsInSession } from '~/server/utils/encryption';

export default defineEventHandler(async (event) => {
  const xTagHeader = getRequestHeader(event, "x-tag");

  if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
    throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
  }

  try {
    const body = await readBody(event);
    const { email, password, imapHost, smtpHost, sessionId } = body;

    if (!email || !password || !sessionId) {
      throw createError({ 
        statusCode: 400, 
        statusMessage: "Email, password, and sessionId are required" 
      });
    }

    // Use provided hosts or defaults from environment
    const imapHostToUse = imapHost || process.env.NUXT_EMAIL_IMAP_HOST || 'mail.portnimara.com';
    const smtpHostToUse = smtpHost || process.env.NUXT_EMAIL_SMTP_HOST || 'mail.portnimara.com';
    const imapPort = parseInt(process.env.NUXT_EMAIL_IMAP_PORT || '993');
    const smtpPort = parseInt(process.env.NUXT_EMAIL_SMTP_PORT || '587');

    // Test SMTP connection
    const transporter = nodemailer.createTransport({
      host: smtpHostToUse,
      port: smtpPort,
      secure: false, // false for STARTTLS
      auth: {
        user: email,
        pass: password
      },
      tls: {
        rejectUnauthorized: false // Allow self-signed certificates
      }
    });

    await transporter.verify();
    
    // Test IMAP connection
    const imapConfig = {
      user: email,
      password: password,
      host: imapHostToUse,
      port: imapPort,
      tls: true,
      tlsOptions: { 
        rejectUnauthorized: false // Allow self-signed certificates
      }
    };

    const testImapConnection = () => {
      return new Promise((resolve, reject) => {
        const imap = new Imap(imapConfig);
        
        imap.once('ready', () => {
          imap.end();
          resolve(true);
        });
        
        imap.once('error', (err: Error) => {
          reject(err);
        });
        
        imap.connect();
      });
    };

    await testImapConnection();

    // If both connections successful, encrypt and store credentials
    const encryptedCredentials = encryptCredentials(email, password);
    storeCredentialsInSession(sessionId, encryptedCredentials);

    return { 
      success: true, 
      message: "Email connection tested successfully",
      email: email
    };
  } catch (error) {
    console.error('Email connection test failed:', error);
    if (error instanceof Error) {
      // Check for common authentication errors
      if (error.message.includes('Authentication') || error.message.includes('AUTHENTICATIONFAILED')) {
        throw createError({ 
          statusCode: 401, 
          statusMessage: "Invalid email or password" 
        });
      }
      throw createError({ 
        statusCode: 500, 
        statusMessage: `Connection failed: ${error.message}` 
      });
    } else {
      throw createError({
        statusCode: 500,
        statusMessage: "An unexpected error occurred",
      });
    }
  }
});