feat: Config to eventstore (#3158)

* feat: add default language to eventstore * feat: add secret generator configs events * feat: tests * feat: secret generators in eventstore * feat: secret generators in eventstore * feat: smtp config in eventstore * feat: smtp config in eventstore * feat: smtp config in eventstore * feat: smtp config in eventstore * feat: smtp config in eventstore * fix: migrations * fix migration version * fix test * feat: change secret generator type to enum * feat: change smtp attribute names * feat: change smtp attribute names * feat: remove engryption algorithms from command side * feat: remove engryption algorithms from command side * feat: smtp config * feat: smtp config * format smtp from header Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2025-08-11 19:07:30 +00:00 · 2022-02-16 16:49:17 +01:00
parent 4272ea6fe1
commit e3528ff0b2
118 changed files with 5216 additions and 686 deletions
--- a/internal/notification/channels/smtp/channel.go
+++ b/internal/notification/channels/smtp/channel.go
@@ -1,26 +1,30 @@
 package smtp

 import (
+	"context"
 	"crypto/tls"
 	"net"
 	"net/smtp"

-	"github.com/caos/zitadel/internal/notification/messages"
-
 	"github.com/caos/logging"
+	"github.com/pkg/errors"
+
 	caos_errs "github.com/caos/zitadel/internal/errors"
 	"github.com/caos/zitadel/internal/notification/channels"
-	"github.com/pkg/errors"
+	"github.com/caos/zitadel/internal/notification/messages"
 )

 var _ channels.NotificationChannel = (*Email)(nil)

 type Email struct {
-	smtpClient *smtp.Client
+	smtpClient    *smtp.Client
+	senderAddress string
+	senderName    string
 }

-func InitSMTPChannel(config EmailConfig) (*Email, error) {
-	client, err := config.SMTP.connectToSMTP(config.Tls)
+func InitSMTPChannel(ctx context.Context, getSMTPConfig func(ctx context.Context) (*EmailConfig, error)) (*Email, error) {
+	smtpConfig, err := getSMTPConfig(ctx)
+	client, err := smtpConfig.SMTP.connectToSMTP(smtpConfig.Tls)
 	if err != nil {
 		return nil, err
 	}
@@ -42,12 +46,12 @@ func (email *Email) HandleMessage(message channels.Message) error {
 	if emailMsg.Content == "" || emailMsg.Subject == "" || len(emailMsg.Recipients) == 0 {
 		return caos_errs.ThrowInternalf(nil, "EMAIL-zGemZ", "subject, recipients and content must be set but got subject %s, recipients length %d and content length %d", emailMsg.Subject, len(emailMsg.Recipients), len(emailMsg.Content))
 	}
-
+	emailMsg.SenderEmail = email.senderAddress
+	emailMsg.SenderName = email.senderName
 	// To && From
 	if err := email.smtpClient.Mail(emailMsg.SenderEmail); err != nil {
 		return caos_errs.ThrowInternalf(err, "EMAIL-s3is3", "could not set sender: %v", emailMsg.SenderEmail)
 	}
-
 	for _, recp := range append(append(emailMsg.Recipients, emailMsg.CC...), emailMsg.BCC...) {
 		if err := email.smtpClient.Rcpt(recp); err != nil {
 			return caos_errs.ThrowInternalf(err, "EMAIL-s4is4", "could not set recipient: %v", recp)
--- a/internal/notification/messages/email.go
+++ b/internal/notification/messages/email.go
@@ -20,13 +20,18 @@ type Email struct {
 	BCC         []string
 	CC          []string
 	SenderEmail string
+	SenderName  string
 	Subject     string
 	Content     string
 }

 func (msg *Email) GetContent() string {
 	headers := make(map[string]string)
-	headers["From"] = msg.SenderEmail
+	from := msg.SenderEmail
+	if msg.SenderName != "" {
+		from = fmt.Sprintf("%s <%s>", msg.SenderName, msg.SenderEmail)
+	}
+	headers["From"] = from
 	headers["To"] = strings.Join(msg.Recipients, ", ")
 	headers["Cc"] = strings.Join(msg.CC, ", ")

--- a/internal/notification/notification.go
+++ b/internal/notification/notification.go
@@ -4,6 +4,7 @@ import (
 	"database/sql"

 	"github.com/caos/logging"
+	"github.com/caos/zitadel/internal/crypto"
 	"github.com/rakyll/statik/fs"

 	"github.com/caos/zitadel/internal/command"
@@ -17,10 +18,10 @@ type Config struct {
 	Repository eventsourcing.Config
 }

-func Start(config Config, systemDefaults sd.SystemDefaults, command *command.Commands, queries *query.Queries, dbClient *sql.DB, assetsPrefix string) {
+func Start(config Config, systemDefaults sd.SystemDefaults, command *command.Commands, queries *query.Queries, dbClient *sql.DB, assetsPrefix string, smtpPasswordEncAlg crypto.EncryptionAlgorithm) {
 	statikFS, err := fs.NewWithNamespace("notification")
 	logging.OnError(err).Panic("unable to start listener")

-	_, err = eventsourcing.Start(config.Repository, statikFS, systemDefaults, command, queries, dbClient, assetsPrefix)
+	_, err = eventsourcing.Start(config.Repository, statikFS, systemDefaults, command, queries, dbClient, assetsPrefix, smtpPasswordEncAlg)
 	logging.OnError(err).Panic("unable to start app")
 }
--- a/internal/notification/repository/eventsourcing/handler/handler.go
+++ b/internal/notification/repository/eventsourcing/handler/handler.go
@@ -34,14 +34,13 @@ func (h *handler) Eventstore() v1.Eventstore {
 	return h.es
 }

-func Register(configs Configs, bulkLimit, errorCount uint64, view *view.View, es v1.Eventstore, command *command.Commands, queries *query.Queries, systemDefaults sd.SystemDefaults, dir http.FileSystem, assetsPrefix string) []queryv1.Handler {
+func Register(configs Configs, bulkLimit, errorCount uint64, view *view.View, es v1.Eventstore, command *command.Commands, queries *query.Queries, systemDefaults sd.SystemDefaults, dir http.FileSystem, assetsPrefix string, smtpPasswordEncAlg crypto.EncryptionAlgorithm) []queryv1.Handler {
 	aesCrypto, err := crypto.NewAESCrypto(systemDefaults.UserVerificationKey)
 	logging.OnError(err).Fatal("error create new aes crypto")

 	return []queryv1.Handler{
 		newNotifyUser(
 			handler{view, bulkLimit, configs.cycleDuration("User"), errorCount, es},
-			systemDefaults.IamID,
 			queries,
 		),
 		newNotification(
@@ -52,6 +51,7 @@ func Register(configs Configs, bulkLimit, errorCount uint64, view *view.View, es
 			aesCrypto,
 			dir,
 			assetsPrefix,
+			smtpPasswordEncAlg,
 		),
 	}
 }
--- a/internal/notification/repository/eventsourcing/handler/notification.go
+++ b/internal/notification/repository/eventsourcing/handler/notification.go
@@ -19,6 +19,7 @@ import (
 	queryv1 "github.com/caos/zitadel/internal/eventstore/v1/query"
 	"github.com/caos/zitadel/internal/eventstore/v1/spooler"
 	"github.com/caos/zitadel/internal/i18n"
+	"github.com/caos/zitadel/internal/notification/channels/smtp"
 	"github.com/caos/zitadel/internal/notification/types"
 	"github.com/caos/zitadel/internal/query"
 	user_repo "github.com/caos/zitadel/internal/repository/user"
@@ -34,13 +35,14 @@ const (

 type Notification struct {
 	handler
-	command        *command.Commands
-	systemDefaults sd.SystemDefaults
-	AesCrypto      crypto.EncryptionAlgorithm
-	statikDir      http.FileSystem
-	subscription   *v1.Subscription
-	assetsPrefix   string
-	queries        *query.Queries
+	command            *command.Commands
+	systemDefaults     sd.SystemDefaults
+	AesCrypto          crypto.EncryptionAlgorithm
+	statikDir          http.FileSystem
+	subscription       *v1.Subscription
+	assetsPrefix       string
+	queries            *query.Queries
+	smtpPasswordCrypto crypto.EncryptionAlgorithm
 }

 func newNotification(
@@ -51,15 +53,17 @@ func newNotification(
 	aesCrypto crypto.EncryptionAlgorithm,
 	statikDir http.FileSystem,
 	assetsPrefix string,
+	smtpPasswordEncAlg crypto.EncryptionAlgorithm,
 ) *Notification {
 	h := &Notification{
-		handler:        handler,
-		command:        command,
-		systemDefaults: defaults,
-		statikDir:      statikDir,
-		AesCrypto:      aesCrypto,
-		assetsPrefix:   assetsPrefix,
-		queries:        query,
+		handler:            handler,
+		command:            command,
+		systemDefaults:     defaults,
+		statikDir:          statikDir,
+		AesCrypto:          aesCrypto,
+		assetsPrefix:       assetsPrefix,
+		queries:            query,
+		smtpPasswordCrypto: smtpPasswordEncAlg,
 	}

 	h.subscribe()
@@ -161,7 +165,7 @@ func (n *Notification) handleInitUserCode(event *models.Event) (err error) {
 		return err
 	}

-	err = types.SendUserInitCode(string(template.Template), translator, user, initCode, n.systemDefaults, n.AesCrypto, colors, n.assetsPrefix)
+	err = types.SendUserInitCode(ctx, string(template.Template), translator, user, initCode, n.systemDefaults, n.getSMTPConfig, n.AesCrypto, colors, n.assetsPrefix)
 	if err != nil {
 		return err
 	}
@@ -199,7 +203,7 @@ func (n *Notification) handlePasswordCode(event *models.Event) (err error) {
 	if err != nil {
 		return err
 	}
-	err = types.SendPasswordCode(string(template.Template), translator, user, pwCode, n.systemDefaults, n.AesCrypto, colors, n.assetsPrefix)
+	err = types.SendPasswordCode(ctx, string(template.Template), translator, user, pwCode, n.systemDefaults, n.getSMTPConfig, n.AesCrypto, colors, n.assetsPrefix)
 	if err != nil {
 		return err
 	}
@@ -238,7 +242,7 @@ func (n *Notification) handleEmailVerificationCode(event *models.Event) (err err
 		return err
 	}

-	err = types.SendEmailVerificationCode(string(template.Template), translator, user, emailCode, n.systemDefaults, n.AesCrypto, colors, n.assetsPrefix)
+	err = types.SendEmailVerificationCode(ctx, string(template.Template), translator, user, emailCode, n.systemDefaults, n.getSMTPConfig, n.AesCrypto, colors, n.assetsPrefix)
 	if err != nil {
 		return err
 	}
@@ -303,7 +307,8 @@ func (n *Notification) handleDomainClaimed(event *models.Event) (err error) {
 	if err != nil {
 		return err
 	}
-	err = types.SendDomainClaimed(string(template.Template), translator, user, data["userName"], n.systemDefaults, colors, n.assetsPrefix)
+
+	err = types.SendDomainClaimed(ctx, string(template.Template), translator, user, data["userName"], n.systemDefaults, n.getSMTPConfig, colors, n.assetsPrefix)
 	if err != nil {
 		return err
 	}
@@ -349,7 +354,8 @@ func (n *Notification) handlePasswordlessRegistrationLink(event *models.Event) (
 	if err != nil {
 		return err
 	}
-	err = types.SendPasswordlessRegistrationLink(string(template.Template), translator, user, addedEvent, n.systemDefaults, n.AesCrypto, colors, n.assetsPrefix)
+
+	err = types.SendPasswordlessRegistrationLink(ctx, string(template.Template), translator, user, addedEvent, n.systemDefaults, n.getSMTPConfig, n.AesCrypto, colors, n.assetsPrefix)
 	if err != nil {
 		return err
 	}
@@ -410,12 +416,34 @@ func (n *Notification) getMailTemplate(ctx context.Context) (*query.MailTemplate
 	return n.queries.MailTemplateByOrg(ctx, authz.GetCtxData(ctx).OrgID)
 }

-func (n *Notification) getTranslatorWithOrgTexts(orgID, textType string) (*i18n.Translator, error) {
-	translator, err := i18n.NewTranslator(n.statikDir, i18n.TranslatorConfig{DefaultLanguage: n.systemDefaults.DefaultLanguage})
+// Read iam smtp config
+func (n *Notification) getSMTPConfig(ctx context.Context) (*smtp.EmailConfig, error) {
+	config, err := n.queries.SMTPConfigByAggregateID(ctx, domain.IAMID)
 	if err != nil {
 		return nil, err
 	}
-	ctx := context.TODO()
+	password, err := crypto.Decrypt(config.Password, n.smtpPasswordCrypto)
+	if err != nil {
+		return nil, err
+	}
+	return &smtp.EmailConfig{
+		From:     config.SenderAddress,
+		FromName: config.SenderName,
+		SMTP: smtp.SMTP{
+			Host:     config.Host,
+			User:     config.User,
+			Password: string(password),
+		},
+	}, nil
+}
+
+func (n *Notification) getTranslatorWithOrgTexts(orgID, textType string) (*i18n.Translator, error) {
+	ctx := context.Background()
+	translator, err := i18n.NewTranslator(n.statikDir, i18n.TranslatorConfig{DefaultLanguage: n.queries.GetDefaultLanguage(ctx)})
+	if err != nil {
+		return nil, err
+	}
+
 	allCustomTexts, err := n.queries.CustomTextListByTemplate(ctx, domain.IAMID, textType)
 	if err != nil {
 		return translator, nil
--- a/internal/notification/repository/eventsourcing/handler/notify_user.go
+++ b/internal/notification/repository/eventsourcing/handler/notify_user.go
@@ -26,19 +26,16 @@ const (

 type NotifyUser struct {
 	handler
-	iamID        string
 	subscription *v1.Subscription
 	queries      *query2.Queries
 }

 func newNotifyUser(
 	handler handler,
-	iamID string,
 	queries *query2.Queries,
 ) *NotifyUser {
 	h := &NotifyUser{
 		handler: handler,
-		iamID:   iamID,
 		queries: queries,
 	}

--- a/internal/notification/repository/eventsourcing/repository.go
+++ b/internal/notification/repository/eventsourcing/repository.go
@@ -6,6 +6,7 @@ import (

 	"github.com/caos/zitadel/internal/command"
 	sd "github.com/caos/zitadel/internal/config/systemdefaults"
+	"github.com/caos/zitadel/internal/crypto"
 	v1 "github.com/caos/zitadel/internal/eventstore/v1"
 	es_spol "github.com/caos/zitadel/internal/eventstore/v1/spooler"
 	"github.com/caos/zitadel/internal/notification/repository/eventsourcing/spooler"
@@ -21,7 +22,7 @@ type EsRepository struct {
 	spooler *es_spol.Spooler
 }

-func Start(conf Config, dir http.FileSystem, systemDefaults sd.SystemDefaults, command *command.Commands, queries *query.Queries, dbClient *sql.DB, assetsPrefix string) (*EsRepository, error) {
+func Start(conf Config, dir http.FileSystem, systemDefaults sd.SystemDefaults, command *command.Commands, queries *query.Queries, dbClient *sql.DB, assetsPrefix string, smtpPasswordEncAlg crypto.EncryptionAlgorithm) (*EsRepository, error) {
 	es, err := v1.Start(dbClient)
 	if err != nil {
 		return nil, err
@@ -32,7 +33,7 @@ func Start(conf Config, dir http.FileSystem, systemDefaults sd.SystemDefaults, c
 		return nil, err
 	}

-	spool := spooler.StartSpooler(conf.Spooler, es, view, dbClient, command, queries, systemDefaults, dir, assetsPrefix)
+	spool := spooler.StartSpooler(conf.Spooler, es, view, dbClient, command, queries, systemDefaults, dir, assetsPrefix, smtpPasswordEncAlg)

 	return &EsRepository{
 		spool,
--- a/internal/notification/repository/eventsourcing/spooler/spooler.go
+++ b/internal/notification/repository/eventsourcing/spooler/spooler.go
@@ -6,6 +6,7 @@ import (

 	"github.com/caos/zitadel/internal/command"
 	sd "github.com/caos/zitadel/internal/config/systemdefaults"
+	"github.com/caos/zitadel/internal/crypto"
 	v1 "github.com/caos/zitadel/internal/eventstore/v1"
 	"github.com/caos/zitadel/internal/eventstore/v1/spooler"
 	"github.com/caos/zitadel/internal/notification/repository/eventsourcing/handler"
@@ -20,12 +21,12 @@ type SpoolerConfig struct {
 	Handlers              handler.Configs
 }

-func StartSpooler(c SpoolerConfig, es v1.Eventstore, view *view.View, sql *sql.DB, command *command.Commands, queries *query.Queries, systemDefaults sd.SystemDefaults, dir http.FileSystem, assetsPrefix string) *spooler.Spooler {
+func StartSpooler(c SpoolerConfig, es v1.Eventstore, view *view.View, sql *sql.DB, command *command.Commands, queries *query.Queries, systemDefaults sd.SystemDefaults, dir http.FileSystem, assetsPrefix string, smtpPasswordEncAlg crypto.EncryptionAlgorithm) *spooler.Spooler {
 	spoolerConfig := spooler.Config{
 		Eventstore:        es,
 		Locker:            &locker{dbClient: sql},
 		ConcurrentWorkers: c.ConcurrentWorkers,
-		ViewHandlers:      handler.Register(c.Handlers, c.BulkLimit, c.FailureCountUntilSkip, view, es, command, queries, systemDefaults, dir, assetsPrefix),
+		ViewHandlers:      handler.Register(c.Handlers, c.BulkLimit, c.FailureCountUntilSkip, view, es, command, queries, systemDefaults, dir, assetsPrefix, smtpPasswordEncAlg),
 	}
 	spool := spoolerConfig.New()
 	spool.Start()
--- a/internal/notification/senders/email.go
+++ b/internal/notification/senders/email.go
@@ -1,12 +1,14 @@
 package senders

 import (
+	"context"
+
 	"github.com/caos/zitadel/internal/config/systemdefaults"
 	"github.com/caos/zitadel/internal/notification/channels"
 	"github.com/caos/zitadel/internal/notification/channels/smtp"
 )

-func EmailChannels(config systemdefaults.Notifications) (channels.NotificationChannel, error) {
+func EmailChannels(ctx context.Context, config systemdefaults.Notifications, emailConfig func(ctx context.Context) (*smtp.EmailConfig, error)) (channels.NotificationChannel, error) {

 	debug, err := debugChannels(config)
 	if err != nil {
@@ -14,7 +16,7 @@ func EmailChannels(config systemdefaults.Notifications) (channels.NotificationCh
 	}

 	if !config.DebugMode {
-		p, err := smtp.InitSMTPChannel(config.Providers.Email)
+		p, err := smtp.InitSMTPChannel(ctx, emailConfig)
 		if err != nil {
 			return nil, err
 		}
--- a/internal/notification/types/domain_claimed.go
+++ b/internal/notification/types/domain_claimed.go
@@ -1,11 +1,13 @@
 package types

 import (
+	"context"
 	"strings"

 	"github.com/caos/zitadel/internal/config/systemdefaults"
 	"github.com/caos/zitadel/internal/domain"
 	"github.com/caos/zitadel/internal/i18n"
+	"github.com/caos/zitadel/internal/notification/channels/smtp"
 	"github.com/caos/zitadel/internal/notification/templates"
 	"github.com/caos/zitadel/internal/query"
 	view_model "github.com/caos/zitadel/internal/user/repository/view/model"
@@ -16,7 +18,7 @@ type DomainClaimedData struct {
 	URL string
 }

-func SendDomainClaimed(mailhtml string, translator *i18n.Translator, user *view_model.NotifyUser, username string, systemDefaults systemdefaults.SystemDefaults, colors *query.LabelPolicy, assetsPrefix string) error {
+func SendDomainClaimed(ctx context.Context, mailhtml string, translator *i18n.Translator, user *view_model.NotifyUser, username string, systemDefaults systemdefaults.SystemDefaults, emailConfig func(ctx context.Context) (*smtp.EmailConfig, error), colors *query.LabelPolicy, assetsPrefix string) error {
 	url, err := templates.ParseTemplateText(systemDefaults.Notifications.Endpoints.DomainClaimed, &UrlData{UserID: user.ID})
 	if err != nil {
 		return err
@@ -33,5 +35,5 @@ func SendDomainClaimed(mailhtml string, translator *i18n.Translator, user *view_
 	if err != nil {
 		return err
 	}
-	return generateEmail(user, domainClaimedData.Subject, template, systemDefaults.Notifications, true)
+	return generateEmail(ctx, user, domainClaimedData.Subject, template, systemDefaults.Notifications, emailConfig, true)
 }
--- a/internal/notification/types/email_verification_code.go
+++ b/internal/notification/types/email_verification_code.go
@@ -1,10 +1,13 @@
 package types

 import (
+	"context"
+
 	"github.com/caos/zitadel/internal/config/systemdefaults"
 	"github.com/caos/zitadel/internal/crypto"
 	"github.com/caos/zitadel/internal/domain"
 	"github.com/caos/zitadel/internal/i18n"
+	"github.com/caos/zitadel/internal/notification/channels/smtp"
 	"github.com/caos/zitadel/internal/notification/templates"
 	"github.com/caos/zitadel/internal/query"
 	es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
@@ -16,7 +19,7 @@ type EmailVerificationCodeData struct {
 	URL string
 }

-func SendEmailVerificationCode(mailhtml string, translator *i18n.Translator, user *view_model.NotifyUser, code *es_model.EmailCode, systemDefaults systemdefaults.SystemDefaults, alg crypto.EncryptionAlgorithm, colors *query.LabelPolicy, assetsPrefix string) error {
+func SendEmailVerificationCode(ctx context.Context, mailhtml string, translator *i18n.Translator, user *view_model.NotifyUser, code *es_model.EmailCode, systemDefaults systemdefaults.SystemDefaults, smtpConfig func(ctx context.Context) (*smtp.EmailConfig, error), alg crypto.EncryptionAlgorithm, colors *query.LabelPolicy, assetsPrefix string) error {
 	codeString, err := crypto.DecryptString(code.Code, alg)
 	if err != nil {
 		return err
@@ -38,5 +41,5 @@ func SendEmailVerificationCode(mailhtml string, translator *i18n.Translator, use
 	if err != nil {
 		return err
 	}
-	return generateEmail(user, emailCodeData.Subject, template, systemDefaults.Notifications, true)
+	return generateEmail(ctx, user, emailCodeData.Subject, template, systemDefaults.Notifications, smtpConfig, true)
 }
--- a/internal/notification/types/init_code.go
+++ b/internal/notification/types/init_code.go
@@ -1,10 +1,13 @@
 package types

 import (
+	"context"
+
 	"github.com/caos/zitadel/internal/config/systemdefaults"
 	"github.com/caos/zitadel/internal/crypto"
 	"github.com/caos/zitadel/internal/domain"
 	"github.com/caos/zitadel/internal/i18n"
+	"github.com/caos/zitadel/internal/notification/channels/smtp"
 	"github.com/caos/zitadel/internal/notification/templates"
 	"github.com/caos/zitadel/internal/query"
 	es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
@@ -22,7 +25,7 @@ type UrlData struct {
 	PasswordSet bool
 }

-func SendUserInitCode(mailhtml string, translator *i18n.Translator, user *view_model.NotifyUser, code *es_model.InitUserCode, systemDefaults systemdefaults.SystemDefaults, alg crypto.EncryptionAlgorithm, colors *query.LabelPolicy, assetsPrefix string) error {
+func SendUserInitCode(ctx context.Context, mailhtml string, translator *i18n.Translator, user *view_model.NotifyUser, code *es_model.InitUserCode, systemDefaults systemdefaults.SystemDefaults, smtpConfig func(ctx context.Context) (*smtp.EmailConfig, error), alg crypto.EncryptionAlgorithm, colors *query.LabelPolicy, assetsPrefix string) error {
 	codeString, err := crypto.DecryptString(code.Code, alg)
 	if err != nil {
 		return err
@@ -42,5 +45,5 @@ func SendUserInitCode(mailhtml string, translator *i18n.Translator, user *view_m
 	if err != nil {
 		return err
 	}
-	return generateEmail(user, initCodeData.Subject, template, systemDefaults.Notifications, true)
+	return generateEmail(ctx, user, initCodeData.Subject, template, systemDefaults.Notifications, smtpConfig, true)
 }
--- a/internal/notification/types/password_code.go
+++ b/internal/notification/types/password_code.go
@@ -1,10 +1,13 @@
 package types

 import (
+	"context"
+
 	"github.com/caos/zitadel/internal/config/systemdefaults"
 	"github.com/caos/zitadel/internal/crypto"
 	"github.com/caos/zitadel/internal/domain"
 	"github.com/caos/zitadel/internal/i18n"
+	"github.com/caos/zitadel/internal/notification/channels/smtp"
 	"github.com/caos/zitadel/internal/notification/templates"
 	"github.com/caos/zitadel/internal/query"
 	es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
@@ -18,7 +21,7 @@ type PasswordCodeData struct {
 	URL       string
 }

-func SendPasswordCode(mailhtml string, translator *i18n.Translator, user *view_model.NotifyUser, code *es_model.PasswordCode, systemDefaults systemdefaults.SystemDefaults, alg crypto.EncryptionAlgorithm, colors *query.LabelPolicy, assetsPrefix string) error {
+func SendPasswordCode(ctx context.Context, mailhtml string, translator *i18n.Translator, user *view_model.NotifyUser, code *es_model.PasswordCode, systemDefaults systemdefaults.SystemDefaults, smtpConfig func(ctx context.Context) (*smtp.EmailConfig, error), alg crypto.EncryptionAlgorithm, colors *query.LabelPolicy, assetsPrefix string) error {
 	codeString, err := crypto.DecryptString(code.Code, alg)
 	if err != nil {
 		return err
@@ -43,6 +46,6 @@ func SendPasswordCode(mailhtml string, translator *i18n.Translator, user *view_m
 	if code.NotificationType == int32(domain.NotificationTypeSms) {
 		return generateSms(user, passwordResetData.Text, systemDefaults.Notifications, false)
 	}
-	return generateEmail(user, passwordResetData.Subject, template, systemDefaults.Notifications, true)
+	return generateEmail(ctx, user, passwordResetData.Subject, template, systemDefaults.Notifications, smtpConfig, true)

 }
--- a/internal/notification/types/passwordless_registration_link.go
+++ b/internal/notification/types/passwordless_registration_link.go
@@ -1,10 +1,13 @@
 package types

 import (
+	"context"
+
 	"github.com/caos/zitadel/internal/config/systemdefaults"
 	"github.com/caos/zitadel/internal/crypto"
 	"github.com/caos/zitadel/internal/domain"
 	"github.com/caos/zitadel/internal/i18n"
+	"github.com/caos/zitadel/internal/notification/channels/smtp"
 	"github.com/caos/zitadel/internal/notification/templates"
 	"github.com/caos/zitadel/internal/query"
 	"github.com/caos/zitadel/internal/repository/user"
@@ -16,7 +19,7 @@ type PasswordlessRegistrationLinkData struct {
 	URL string
 }

-func SendPasswordlessRegistrationLink(mailhtml string, translator *i18n.Translator, user *view_model.NotifyUser, code *user.HumanPasswordlessInitCodeRequestedEvent, systemDefaults systemdefaults.SystemDefaults, alg crypto.EncryptionAlgorithm, colors *query.LabelPolicy, assetsPrefix string) error {
+func SendPasswordlessRegistrationLink(ctx context.Context, mailhtml string, translator *i18n.Translator, user *view_model.NotifyUser, code *user.HumanPasswordlessInitCodeRequestedEvent, systemDefaults systemdefaults.SystemDefaults, smtpConfig func(ctx context.Context) (*smtp.EmailConfig, error), alg crypto.EncryptionAlgorithm, colors *query.LabelPolicy, assetsPrefix string) error {
 	codeString, err := crypto.DecryptString(code.Code, alg)
 	if err != nil {
 		return err
@@ -33,5 +36,5 @@ func SendPasswordlessRegistrationLink(mailhtml string, translator *i18n.Translat
 	if err != nil {
 		return err
 	}
-	return generateEmail(user, emailCodeData.Subject, template, systemDefaults.Notifications, true)
+	return generateEmail(ctx, user, emailCodeData.Subject, template, systemDefaults.Notifications, smtpConfig, true)
 }
--- a/internal/notification/types/user_email.go
+++ b/internal/notification/types/user_email.go
@@ -1,8 +1,10 @@
 package types

 import (
+	"context"
 	"html"

+	"github.com/caos/zitadel/internal/notification/channels/smtp"
 	"github.com/caos/zitadel/internal/notification/messages"
 	"github.com/caos/zitadel/internal/notification/senders"

@@ -10,19 +12,18 @@ import (
 	view_model "github.com/caos/zitadel/internal/user/repository/view/model"
 )

-func generateEmail(user *view_model.NotifyUser, subject, content string, config systemdefaults.Notifications, lastEmail bool) error {
+func generateEmail(ctx context.Context, user *view_model.NotifyUser, subject, content string, config systemdefaults.Notifications, smtpConfig func(ctx context.Context) (*smtp.EmailConfig, error), lastEmail bool) error {
 	content = html.UnescapeString(content)
 	message := &messages.Email{
-		SenderEmail: config.Providers.Email.From,
-		Recipients:  []string{user.VerifiedEmail},
-		Subject:     subject,
-		Content:     content,
+		Recipients: []string{user.VerifiedEmail},
+		Subject:    subject,
+		Content:    content,
 	}
 	if lastEmail {
 		message.Recipients = []string{user.LastEmail}
 	}

-	channels, err := senders.EmailChannels(config)
+	channels, err := senders.EmailChannels(ctx, config, smtpConfig)
 	if err != nil {
 		return err
 	}