Using these credentials for sending email instead of app password?

[MostHated]

Hey there, I was wondering if you happen to know how difficult it might be to adapt this method of authentication to the built in gmail sending functionality within NodeBB instead of using the current account login / app password method?

I have used this in the past with success through wordpress (https://wordpress.org/plugins/wp-mail-smtp/ which gives you these options seen here https://i.imgur.com/wCxGYDz.png) and I am not sure but I don't think the forum would make use of Wordpresses emailing functionality as opposed to it's own if just the authentication was linked.

The issues I am trying to work around are I use 2-factor auth and I have multiple domains hosted with gmail as I pay for the business service. I only have 1 login for those multiple domains, though, and since the login name has to be the same as the "from" name when using app passwords, it simply won't work right.

By enabling the appropriate APIs within separate projects within the admin/cloud panel and going through the process of creating an oauth consent, and a web application and generating a client id and secret (as described here for the aforementioned WP plugin I mentioned )I am able to send things out how I want/need, and seeming as this pretty much covers many of the steps or at least has similar functionality as far as the authentication, that is what made me wonder if it would be possible and how difficult it would be so I could somehow end up with result I am hoping for?

If you have any insight on if this sounds doable, and would not mind pointing me in the right direction, I would greatly appreciate it!

Thanks, -MH

[MostHated]

Nevermind on this one, I am currently working on a plugin to solve this that I will release for the NodeBB forum members.

[MostHated]

Ok, it's a bit more complicated than I anticipated. So extending this to include sending email also would be awesome if possible. : D I definitely know that sending email using oauth2 through gmail allows you to send from a secondary domain on your account as I tested it and received the email, I am just not sure how to make an email plugin that would override the built in default email providers so the forum uses it, instead of something from the dropdown list under Settings -> Email.

[julianlam]

Hm... this is an interesting idea, but definitely out of the scope of the Google SSO plugin... worth exploring, though, and I can see how it could potentially work...

[MostHated]

I have been looking around at some other applications (such as this one and this one). Actually sending from Gmail doesn't seem super complicated, I just really don't know how I would even about converting that to be a plugin, as I don't deal with Node much. So that is the part that was more complicated than I anticipated, lol.

It would be super useful though, as my primary login for my gmail account is my main domain, but that is not the domain I want to send from unfortunately. I tested it out and have done it with WordPress before, so I know sending from an alias domain on your account is possible. I am actually quite surprised no one else had ever brought it up or made a plugin for it considering how popular this board is.

I don't mind taking a stab at it, and I could figure it out with a little guidance. The part I find difficult is not with Gmail, but with adding a new email provider to the forum and making the forum know to use it, if it's not in the list that is already populated within the Settings menu. I posted about it the other day, here. https://community.nodebb.org/topic/13879/how-to-have-forum-use-a-custom-email-plugin-over-default-ones-in-list

[MostHated]

It took me a bit to figure it all out as this is my first time really touching NodeJS, but I just successfully sent myself a test email message from my Gmail-Oauth2 plugin I have been working on! : D It takes a decent bit of setup as you not only have to create the application for your clientid and secret, you then have to go to the oauth playground and input your id and secret, then use them to generate a refresh token which you then save and it passes that along to the gmail server when you send your message as part of the authentication. I was just happy to see if actually worked. That being said, I am going to run it through some more testing and see if anything breaks.

I have been using Grunt watch as I saw it was talked about in the forums, but it seems to timeout if I don't make any changes within 20-30 seconds. If not I have to restart my docker container and wait for the forum to come back up with each change, which is becoming quite a pain. I want to see if I can try to come up with a way to have the plugin be able to generate and store it's own tokens against the auth server as I have seen other plugins do for other systems.