readme: check auth

By design, go-smtp won't check whether the session is authenticated during MAIL/RCPT/DATA commands. Make this more explicit by checking whether the session is authenticated in the example. Closes: #216
emersion · Jun 12, 2023 · 9e949e0 · 9e949e0
1 parent a5a8e30
commit 9e949e0
Showing 1 changed file with 13 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -103,26 +103,38 @@ func (bkd *Backend) NewSession(_ *smtp.Conn) (smtp.Session, error) {
 }
 
 // A Session is returned after EHLO.
-type Session struct{}
+type Session struct {
+	auth bool
+}
 
 func (s *Session) AuthPlain(username, password string) error {
 	if username != "username" || password != "password" {
 		return smtp.ErrAuthFailed
 	}
+	s.auth = true
 	return nil
 }
 
 func (s *Session) Mail(from string, opts *smtp.MailOptions) error {
+	if !s.auth {
+		return ErrAuthRequired
+	}
 	log.Println("Mail from:", from)
 	return nil
 }
 
 func (s *Session) Rcpt(to string) error {
+	if !s.auth {
+		return ErrAuthRequired
+	}
 	log.Println("Rcpt to:", to)
 	return nil
 }
 
 func (s *Session) Data(r io.Reader) error {
+	if !s.auth {
+		return ErrAuthRequired
+	}
 	if b, err := ioutil.ReadAll(r); err != nil {
 		return err
 	} else {