chore(release): update versions (#505)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

.gitignore

@@ -35,6 +35,8 @@ cache
 *.db-shm
 *.db-wal
 *.sqlite
+*.sqlite-shm
+*.sqlite-wal
 
 local-documents
 ingestion

CONTRIBUTING.md

@@ -105,6 +105,73 @@ We recommend running the app locally for development. Follow these steps:
 
 6. Open your browser and navigate to `http://localhost:3000`.
 
+### IDE Setup
+
+#### ESLint Extension
+
+We recommend installing the [ESLint extension](https://marketplace.visualstudio.com/items?itemName=dbaeumer.vscode-eslint) for VS Code to get real-time linting feedback and automatic code fixing.
+The linting configuration is based on [@antfu/eslint-config](https://github.com/antfu/eslint-config), you can find specific IDE configurations in their repository.
+
+<details>
+<summary>Recommended VS Code Settings</summary>
+
+Create or update your `.vscode/settings.json` file with the following configuration:
+
+```json
+{
+  // Disable the default formatter, use eslint instead
+  "prettier.enable": false,
+  "editor.formatOnSave": false,
+
+  // Auto fix
+  "editor.codeActionsOnSave": {
+    "source.fixAll.eslint": "explicit",
+    "source.organizeImports": "never"
+  },
+
+  // Silent the stylistic rules in your IDE, but still auto fix them
+  "eslint.rules.customizations": [
+    { "rule": "style/*", "severity": "off", "fixable": true },
+    { "rule": "format/*", "severity": "off", "fixable": true },
+    { "rule": "*-indent", "severity": "off", "fixable": true },
+    { "rule": "*-spacing", "severity": "off", "fixable": true },
+    { "rule": "*-spaces", "severity": "off", "fixable": true },
+    { "rule": "*-order", "severity": "off", "fixable": true },
+    { "rule": "*-dangle", "severity": "off", "fixable": true },
+    { "rule": "*-newline", "severity": "off", "fixable": true },
+    { "rule": "*quotes", "severity": "off", "fixable": true },
+    { "rule": "*semi", "severity": "off", "fixable": true }
+  ],
+
+  // Enable eslint for all supported languages
+  "eslint.validate": [
+    "javascript",
+    "javascriptreact",
+    "typescript",
+    "typescriptreact",
+    "vue",
+    "html",
+    "markdown",
+    "json",
+    "jsonc",
+    "yaml",
+    "toml",
+    "xml",
+    "gql",
+    "graphql",
+    "astro",
+    "svelte",
+    "css",
+    "less",
+    "scss",
+    "pcss",
+    "postcss"
+  ]
+}
+```
+
+</details>
+
 ### Testing
 
 We use **Vitest** for testing. Each package comes with its own testing commands.

apps/papra-client/CHANGELOG.md

@@ -1,5 +1,31 @@
 # @papra/app-client
 
+## 0.9.3
+
+### Patch Changes
+
+- [#506](https://github.com/papra-hq/papra/pull/506) [`6bcb2a7`](https://github.com/papra-hq/papra/commit/6bcb2a71e990d534dd12d84e64a38f2b2baea25a) Thanks [@CorentinTh](https://github.com/CorentinTh)! - Added the possibility to define patterns for email intake username generation
+
+## 0.9.2
+
+### Patch Changes
+
+- [#501](https://github.com/papra-hq/papra/pull/501) [`b5bf0cc`](https://github.com/papra-hq/papra/commit/b5bf0cca4b571495329cb553da06e0d334ee8968) Thanks [@CorentinTh](https://github.com/CorentinTh)! - Fix an issue preventing to disable the max upload size
+
+- [#498](https://github.com/papra-hq/papra/pull/498) [`3da13f7`](https://github.com/papra-hq/papra/commit/3da13f759155df5d7c532160a7ea582385db63b6) Thanks [@CorentinTh](https://github.com/CorentinTh)! - Removed the "open in new tab" button for security improvement (xss prevention)
+
+## 0.9.1
+
+### Patch Changes
+
+- [#492](https://github.com/papra-hq/papra/pull/492) [`54514e1`](https://github.com/papra-hq/papra/commit/54514e15db5deaffc59dcba34929b5e2e74282e1) Thanks [@CorentinTh](https://github.com/CorentinTh)! - Added a client side guard for rejecting too-big files
+
+- [#488](https://github.com/papra-hq/papra/pull/488) [`83e943c`](https://github.com/papra-hq/papra/commit/83e943c5b46432e55b6dfbaa587019a95ffab466) Thanks [@CorentinTh](https://github.com/CorentinTh)! - Fix favicons display issues on firefox
+
+- [#492](https://github.com/papra-hq/papra/pull/492) [`54514e1`](https://github.com/papra-hq/papra/commit/54514e15db5deaffc59dcba34929b5e2e74282e1) Thanks [@CorentinTh](https://github.com/CorentinTh)! - Fix i18n messages when a file-too-big error happens
+
+- [#492](https://github.com/papra-hq/papra/pull/492) [`54514e1`](https://github.com/papra-hq/papra/commit/54514e15db5deaffc59dcba34929b5e2e74282e1) Thanks [@CorentinTh](https://github.com/CorentinTh)! - Clean all upload method to happen through the import status modal
+
 ## 0.9.0
 
 ### Patch Changes

apps/papra-client/eslint.config.js

@@ -6,8 +6,7 @@ export default antfu({
   },
 
   ignores: [
-    // Generated file
-    'src/modules/i18n/locales.types.ts',
+    'public/manifest.json',
   ],
 
   rules: {

apps/papra-client/index.html

@@ -27,10 +27,23 @@
     <meta property="twitter:image" content="https://papra.app/og-image.png">
 
     <!-- Favicon and Icons -->
-    <link rel="icon" type="image/png" href="/favicon-96x96.png" sizes="96x96" />
-    <link rel="shortcut icon" href="/favicon.ico" />
-    <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png" />
-    <link rel="manifest" href="/site.webmanifest" />
+    <link rel="apple-touch-icon" sizes="57x57" href="/apple-icon-57x57.png">
+    <link rel="apple-touch-icon" sizes="60x60" href="/apple-icon-60x60.png">
+    <link rel="apple-touch-icon" sizes="72x72" href="/apple-icon-72x72.png">
+    <link rel="apple-touch-icon" sizes="76x76" href="/apple-icon-76x76.png">
+    <link rel="apple-touch-icon" sizes="114x114" href="/apple-icon-114x114.png">
+    <link rel="apple-touch-icon" sizes="120x120" href="/apple-icon-120x120.png">
+    <link rel="apple-touch-icon" sizes="144x144" href="/apple-icon-144x144.png">
+    <link rel="apple-touch-icon" sizes="152x152" href="/apple-icon-152x152.png">
+    <link rel="apple-touch-icon" sizes="180x180" href="/apple-icon-180x180.png">
+    <link rel="icon" type="image/png" sizes="192x192"  href="/android-icon-192x192.png">
+    <link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
+    <link rel="icon" type="image/png" sizes="96x96" href="/favicon-96x96.png">
+    <link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
+    <link rel="manifest" href="/manifest.json">
+    <meta name="msapplication-TileColor" content="#ffffff">
+    <meta name="msapplication-TileImage" content="/ms-icon-144x144.png">
+    <meta name="theme-color" content="#ffffff">
 
     <!-- Structured Data (JSON-LD for rich snippets) -->
     <script type="application/ld+json">

apps/papra-client/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@papra/app-client",
   "type": "module",
-  "version": "0.9.0",
+  "version": "0.9.3",
   "private": true,
   "packageManager": "pnpm@10.12.3",
   "description": "Papra frontend client",
@@ -21,12 +21,10 @@
     "serve": "vite preview",
     "lint": "eslint .",
     "lint:fix": "eslint --fix .",
-    "test": "pnpm check-i18n-types-outdated && vitest run",
+    "test": "vitest run",
     "test:watch": "vitest watch",
     "test:e2e": "playwright test",
     "typecheck": "tsc --noEmit",
-    "check-i18n-types-outdated": "pnpm script:generate-i18n-types && git diff --exit-code -- src/modules/i18n/locales.types.ts > /dev/null || (echo \"Locales types are outdated, please run 'pnpm script:generate-i18n-types' and commit the changes.\" && exit 1)",
-    "script:get-missing-i18n-keys": "tsx src/scripts/get-missing-i18n-keys.script.ts",
     "script:sync-i18n-key-order": "tsx src/scripts/sync-i18n-key-order.script.ts"
   },
   "dependencies": {

apps/papra-client/public/browserconfig.xml

@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8"?>
+<browserconfig><msapplication><tile><square70x70logo src="/ms-icon-70x70.png"/><square150x150logo src="/ms-icon-150x150.png"/><square310x310logo src="/ms-icon-310x310.png"/><TileColor>#ffffff</TileColor></tile></msapplication></browserconfig>

apps/papra-client/public/manifest.json

@@ -0,0 +1,41 @@
+{
+  "name": "Papra",
+  "icons": [
+    {
+      "src": "\/android-icon-36x36.png",
+      "sizes": "36x36",
+      "type": "image\/png",
+      "density": "0.75"
+    },
+    {
+      "src": "\/android-icon-48x48.png",
+      "sizes": "48x48",
+      "type": "image\/png",
+      "density": "1.0"
+    },
+    {
+      "src": "\/android-icon-72x72.png",
+      "sizes": "72x72",
+      "type": "image\/png",
+      "density": "1.5"
+    },
+    {
+      "src": "\/android-icon-96x96.png",
+      "sizes": "96x96",
+      "type": "image\/png",
+      "density": "2.0"
+    },
+    {
+      "src": "\/android-icon-144x144.png",
+      "sizes": "144x144",
+      "type": "image\/png",
+      "density": "3.0"
+    },
+    {
+      "src": "\/android-icon-192x192.png",
+      "sizes": "192x192",
+      "type": "image\/png",
+      "density": "4.0"
+    }
+  ]
+}

apps/papra-client/src/locales/de.dictionary.ts

@@ -540,8 +540,9 @@ export const translations: Partial<TranslationsDictionary> = {
   // API errors
 
   'api-errors.document.already_exists': 'Das Dokument existiert bereits',
-  'api-errors.document.file_too_big': 'Die Dokumentdatei ist zu groß',
-  'api-errors.intake_email.limit_reached': 'Die maximale Anzahl an Eingangse-Mails für diese Organisation wurde erreicht. Bitte aktualisieren Sie Ihren Plan, um weitere Eingangse-Mails zu erstellen.',
+  'api-errors.document.size_too_large': 'Die Datei ist zu groß',
+  'api-errors.intake-emails.already_exists': 'Eine Eingang-Email mit dieser Adresse existiert bereits.',
+  'api-errors.intake_email.limit_reached': 'Die maximale Anzahl an Eingang-EMails für diese Organisation wurde erreicht. Bitte aktualisieren Sie Ihren Plan, um weitere Eingangse-Mails zu erstellen.',
   'api-errors.user.max_organization_count_reached': 'Sie haben die maximale Anzahl an Organisationen erreicht, die Sie erstellen können. Wenn Sie weitere erstellen möchten, kontaktieren Sie bitte den Support.',
   'api-errors.default': 'Beim Verarbeiten Ihrer Anfrage ist ein Fehler aufgetreten.',
   'api-errors.organization.invitation_already_exists': 'Eine Einladung für diese E-Mail existiert bereits in dieser Organisation.',

apps/papra-client/src/locales/en.dictionary.ts

@@ -538,7 +538,8 @@ export const translations = {
   // API errors
 
   'api-errors.document.already_exists': 'The document already exists',
-  'api-errors.document.file_too_big': 'The document file is too big',
+  'api-errors.document.size_too_large': 'The file size is too large',
+  'api-errors.intake-emails.already_exists': 'An intake email with this address already exists.',
   'api-errors.intake_email.limit_reached': 'The maximum number of intake emails for this organization has been reached. Please upgrade your plan to create more intake emails.',
   'api-errors.user.max_organization_count_reached': 'You have reached the maximum number of organizations you can create, if you need to create more, please contact support.',
   'api-errors.default': 'An error occurred while processing your request.',

apps/papra-client/src/locales/es.dictionary.ts

@@ -540,7 +540,8 @@ export const translations: Partial<TranslationsDictionary> = {
   // API errors
 
   'api-errors.document.already_exists': 'El documento ya existe',
-  'api-errors.document.file_too_big': 'El archivo del documento es demasiado grande',
+  'api-errors.document.size_too_large': 'El archivo es demasiado grande',
+  'api-errors.intake-emails.already_exists': 'Ya existe un correo de ingreso con esta dirección.',
   'api-errors.intake_email.limit_reached': 'Se ha alcanzado el número máximo de correos de ingreso para esta organización. Por favor, mejora tu plan para crear más correos de ingreso.',
   'api-errors.user.max_organization_count_reached': 'Has alcanzado el número máximo de organizaciones que puedes crear, si necesitas crear más, contacta al soporte.',
   'api-errors.default': 'Ocurrió un error al procesar tu solicitud.',

apps/papra-client/src/locales/fr.dictionary.ts

@@ -540,7 +540,8 @@ export const translations: Partial<TranslationsDictionary> = {
   // API errors
 
   'api-errors.document.already_exists': 'Le document existe déjà',
-  'api-errors.document.file_too_big': 'Le fichier du document est trop grand',
+  'api-errors.document.size_too_large': 'Le fichier est trop volumineux',
+  'api-errors.intake-emails.already_exists': 'Un email de réception avec cette adresse existe déjà.',
   'api-errors.intake_email.limit_reached': 'Le nombre maximum d\'emails de réception pour cette organisation a été atteint. Veuillez mettre à niveau votre plan pour créer plus d\'emails de réception.',
   'api-errors.user.max_organization_count_reached': 'Vous avez atteint le nombre maximum d\'organisations que vous pouvez créer, si vous avez besoin de créer plus, veuillez contacter le support.',
   'api-errors.default': 'Une erreur est survenue lors du traitement de votre requête.',

apps/papra-client/src/locales/it.dictionary.ts

@@ -540,7 +540,8 @@ export const translations: Partial<TranslationsDictionary> = {
   // API errors
 
   'api-errors.document.already_exists': 'Il documento esiste già',
-  'api-errors.document.file_too_big': 'Il file del documento è troppo grande',
+  'api-errors.document.size_too_large': 'Il file è troppo grande',
+  'api-errors.intake-emails.already_exists': 'Un\'email di acquisizione con questo indirizzo esiste già.',
   'api-errors.intake_email.limit_reached': 'È stato raggiunto il numero massimo di email di acquisizione per questa organizzazione. Aggiorna il tuo piano per crearne altre.',
   'api-errors.user.max_organization_count_reached': 'Hai raggiunto il numero massimo di organizzazioni che puoi creare, se hai bisogno di crearne altre contatta il supporto.',
   'api-errors.default': 'Si è verificato un errore durante l\'elaborazione della richiesta.',

apps/papra-client/src/locales/pl.dictionary.ts

@@ -540,7 +540,8 @@ export const translations: Partial<TranslationsDictionary> = {
   // API errors
 
   'api-errors.document.already_exists': 'Dokument już istnieje',
-  'api-errors.document.file_too_big': 'Plik dokumentu jest zbyt duży',
+  'api-errors.document.size_too_large': 'Plik jest zbyt duży',
+  'api-errors.intake-emails.already_exists': 'Adres e-mail do przyjęć z tym adresem już istnieje.',
   'api-errors.intake_email.limit_reached': 'Osiągnięto maksymalną liczbę adresów e-mail do przyjęć dla tej organizacji. Aby utworzyć więcej adresów e-mail do przyjęć, zaktualizuj swój plan.',
   'api-errors.user.max_organization_count_reached': 'Osiągnięto maksymalną liczbę organizacji, które możesz utworzyć. Jeśli potrzebujesz utworzyć więcej, skontaktuj się z pomocą techniczną.',
   'api-errors.default': 'Wystąpił błąd podczas przetwarzania żądania.',

apps/papra-client/src/locales/pt-BR.dictionary.ts

@@ -540,7 +540,8 @@ export const translations: Partial<TranslationsDictionary> = {
   // API errors
 
   'api-errors.document.already_exists': 'O documento já existe',
-  'api-errors.document.file_too_big': 'O arquivo do documento é muito grande',
+  'api-errors.document.size_too_large': 'O arquivo é muito grande',
+  'api-errors.intake-emails.already_exists': 'Um e-mail de entrada com este endereço já existe.',
   'api-errors.intake_email.limit_reached': 'O número máximo de e-mails de entrada para esta organização foi atingido. Faça um upgrade no seu plano para criar mais e-mails de entrada.',
   'api-errors.user.max_organization_count_reached': 'Você atingiu o número máximo de organizações que pode criar. Se precisar criar mais, entre em contato com o suporte.',
   'api-errors.default': 'Ocorreu um erro ao processar sua solicitação.',

apps/papra-client/src/locales/pt.dictionary.ts

@@ -540,7 +540,8 @@ export const translations: Partial<TranslationsDictionary> = {
   // API errors
 
   'api-errors.document.already_exists': 'O documento já existe',
-  'api-errors.document.file_too_big': 'O arquivo do documento é muito grande',
+  'api-errors.document.size_too_large': 'O arquivo é muito grande',
+  'api-errors.intake-emails.already_exists': 'Um e-mail de entrada com este endereço já existe.',
   'api-errors.intake_email.limit_reached': 'O número máximo de e-mails de entrada para esta organização foi atingido. Faça um upgrade no seu plano para criar mais e-mails de entrada.',
   'api-errors.user.max_organization_count_reached': 'Atingiu o número máximo de organizações que pode criar. Se precisar de criar mais, entre em contato com o suporte.',
   'api-errors.default': 'Ocorreu um erro ao processar a solicitação.',

apps/papra-client/src/locales/ro.dictionary.ts

@@ -540,7 +540,8 @@ export const translations: Partial<TranslationsDictionary> = {
   // API errors
 
   'api-errors.document.already_exists': 'Documentul există deja',
-  'api-errors.document.file_too_big': 'Fișierul documentului este prea mare',
+  'api-errors.document.size_too_large': 'Fișierul este prea mare',
+  'api-errors.intake-emails.already_exists': 'Un email de primire cu această adresă există deja.',
   'api-errors.intake_email.limit_reached': 'Numărul maxim de email-uri de primire pentru această organizație a fost atins. Te rugăm să-ți îmbunătățești planul pentru a crea mai multe email-uri de primire.',
   'api-errors.user.max_organization_count_reached': 'Ai atins numărul maxim de organizații pe care le poți crea. Dacă ai nevoie să creezi mai multe, te rugăm să contactezi asistența.',
   'api-errors.default': 'A apărut o eroare la procesarea cererii.',

apps/papra-client/src/modules/config/config.ts

@@ -38,6 +38,9 @@ export const buildTimeConfig = {
     isEnabled: asBoolean(import.meta.env.VITE_INTAKE_EMAILS_IS_ENABLED, false),
   },
   isSubscriptionsEnabled: asBoolean(import.meta.env.VITE_IS_SUBSCRIPTIONS_ENABLED, false),
+  documentsStorage: {
+    maxUploadSize: asNumber(import.meta.env.VITE_DOCUMENTS_STORAGE_MAX_UPLOAD_SIZE, 10 * 1024 * 1024),
+  },
 } as const;
 
 export type Config = typeof buildTimeConfig;

apps/papra-client/src/modules/documents/components/document-import-status.component.tsx

@@ -5,6 +5,7 @@ import { A } from '@solidjs/router';
 import { throttle } from 'lodash-es';
 import { createContext, createSignal, For, Match, Show, Switch, useContext } from 'solid-js';
 import { Portal } from 'solid-js/web';
+import { useConfig } from '@/modules/config/config.provider';
 import { useI18n } from '@/modules/i18n/i18n.provider';
 import { promptUploadFiles } from '@/modules/shared/files/upload';
 import { useI18nApiErrors } from '@/modules/shared/http/composables/i18n-api-errors';
@@ -57,6 +58,7 @@ export const DocumentUploadProvider: ParentComponent = (props) => {
   const throttledInvalidateOrganizationDocumentsQuery = throttle(invalidateOrganizationDocumentsQuery, 500);
   const { getErrorMessage } = useI18nApiErrors();
   const { t } = useI18n();
+  const { config } = useConfig();
 
   const [getState, setState] = createSignal<'open' | 'closed' | 'collapsed'>('closed');
   const [getTasks, setTasks] = createSignal<Task[]>([]);
@@ -70,8 +72,14 @@ export const DocumentUploadProvider: ParentComponent = (props) => {
     setState('open');
 
     await Promise.all(files.map(async (file) => {
+      const { maxUploadSize } = config.documentsStorage;
       updateTaskStatus({ file, status: 'uploading' });
 
+      if (maxUploadSize > 0 && file.size > maxUploadSize) {
+        updateTaskStatus({ file, status: 'error', error: Object.assign(new Error('File too large'), { code: 'document.size_too_large' }) });
+        return;
+      }
+
       const [result, error] = await safely(uploadDocument({ file, organizationId }));
 
       if (error) {

apps/papra-client/src/modules/documents/components/document-upload-area.component.tsx

@@ -1,11 +1,9 @@
 import type { Component } from 'solid-js';
 import { useParams } from '@solidjs/router';
 import { createSignal } from 'solid-js';
-import { promptUploadFiles } from '@/modules/shared/files/upload';
-import { queryClient } from '@/modules/shared/query/query-client';
 import { cn } from '@/modules/shared/style/cn';
 import { Button } from '@/modules/ui/components/button';
-import { uploadDocument } from '../documents.services';
+import { useDocumentUpload } from './document-import-status.component';
 
 export const DocumentUploadArea: Component<{ organizationId?: string }> = (props) => {
   const [isDragging, setIsDragging] = createSignal(false);
@@ -13,21 +11,7 @@ export const DocumentUploadArea: Component<{ organizationId?: string }> = (props
 
   const getOrganizationId = () => props.organizationId ?? params.organizationId;
 
-  const uploadFiles = async ({ files }: { files: File[] }) => {
-    for (const file of files) {
-      await uploadDocument({ file, organizationId: getOrganizationId() });
-    }
-
-    await queryClient.invalidateQueries({
-      queryKey: ['organizations', getOrganizationId(), 'documents'],
-      refetchType: 'all',
-    });
-  };
-
-  const promptImport = async () => {
-    const { files } = await promptUploadFiles();
-    await uploadFiles({ files });
-  };
+  const { promptImport, uploadDocuments } = useDocumentUpload({ getOrganizationId });
 
   const handleDragOver = (event: DragEvent) => {
     event.preventDefault();
@@ -46,7 +30,7 @@ export const DocumentUploadArea: Component<{ organizationId?: string }> = (props
     }
 
     const files = [...event.dataTransfer.files].filter(file => file.type === 'application/pdf');
-    await uploadFiles({ files });
+    await uploadDocuments({ files });
   };
 
   return (

apps/papra-client/src/modules/documents/documents.composables.tsx

@@ -1,13 +1,9 @@
 import type { Document } from './documents.types';
-import { safely } from '@corentinth/chisels';
-import { throttle } from 'lodash-es';
 import { createSignal } from 'solid-js';
 import { useConfirmModal } from '../shared/confirm';
-import { promptUploadFiles } from '../shared/files/upload';
-import { isHttpErrorWithCode } from '../shared/http/http-errors';
 import { queryClient } from '../shared/query/query-client';
 import { createToast } from '../ui/components/sonner';
-import { deleteDocument, restoreDocument, uploadDocument } from './documents.services';
+import { deleteDocument, restoreDocument } from './documents.services';
 
 export function invalidateOrganizationDocumentsQuery({ organizationId }: { organizationId: string }) {
   return queryClient.invalidateQueries({
@@ -76,57 +72,3 @@ export function useRestoreDocument() {
     },
   };
 }
-
-function toastUploadError({ error, file }: { error: Error; file: File }) {
-  if (isHttpErrorWithCode({ error, code: 'document.already_exists' })) {
-    createToast({
-      type: 'error',
-      message: 'Document already exists',
-      description: `The document ${file.name} already exists, it has not been uploaded.`,
-    });
-
-    return;
-  }
-
-  if (isHttpErrorWithCode({ error, code: 'document.file_too_big' })) {
-    createToast({
-      type: 'error',
-      message: 'Document too big',
-      description: `The document ${file.name} is too big, it has not been uploaded.`,
-    });
-
-    return;
-  }
-
-  createToast({
-    type: 'error',
-    message: 'Failed to upload document',
-    description: error.message,
-  });
-}
-
-export function useUploadDocuments({ organizationId }: { organizationId: string }) {
-  const uploadDocuments = async ({ files }: { files: File[] }) => {
-    const throttledInvalidateOrganizationDocumentsQuery = throttle(invalidateOrganizationDocumentsQuery, 500);
-
-    await Promise.all(files.map(async (file) => {
-      const [, error] = await safely(uploadDocument({ file, organizationId }));
-
-      if (error) {
-        toastUploadError({ error, file });
-      }
-
-      await throttledInvalidateOrganizationDocumentsQuery({ organizationId });
-    }),
-    );
-  };
-
-  return {
-    uploadDocuments,
-    promptImport: async () => {
-      const { files } = await promptUploadFiles();
-
-      await uploadDocuments({ files });
-    },
-  };
-}

apps/papra-client/src/modules/documents/pages/document.page.tsx

@@ -214,15 +214,6 @@ export const DocumentPage: Component = () => {
                       {t('documents.actions.download')}
                     </Button>
 
-                    <Button
-                      variant="outline"
-                      onClick={() => window.open(getDataUrl()!, '_blank')}
-                      size="sm"
-                    >
-                      <div class="i-tabler-eye size-4 mr-2"></div>
-                      {t('documents.actions.open-in-new-tab')}
-                    </Button>
-
                     {getDocument().isDeleted
                       ? (
                           <Button

apps/papra-client/src/modules/i18n/locales.types.ts

@@ -1,5 +1,4 @@
-import { translations as defaultTranslations } from '@/locales/en.dictionary';
+import type { translations as defaultTranslations } from '@/locales/en.dictionary';
 
 export type TranslationKeys = keyof typeof defaultTranslations;
 export type TranslationsDictionary = Record<TranslationKeys, string>;
- 

apps/papra-client/src/modules/intake-emails/pages/intake-emails.page.tsx

@@ -10,7 +10,7 @@ import { useConfig } from '@/modules/config/config.provider';
 import { useI18n } from '@/modules/i18n/i18n.provider';
 import { useConfirmModal } from '@/modules/shared/confirm';
 import { createForm } from '@/modules/shared/form/form';
-import { isHttpErrorWithCode } from '@/modules/shared/http/http-errors';
+import { useI18nApiErrors } from '@/modules/shared/http/composables/i18n-api-errors';
 import { queryClient } from '@/modules/shared/query/query-client';
 import { cn } from '@/modules/shared/style/cn';
 import { Alert, AlertDescription } from '@/modules/ui/components/alert';
@@ -187,6 +187,7 @@ export const IntakeEmailsPage: Component = () => {
 
   const params = useParams();
   const { confirm } = useConfirmModal();
+  const { getErrorMessage } = useI18nApiErrors({ t });
 
   const query = useQuery(() => ({
     queryKey: ['organizations', params.organizationId, 'intake-emails'],
@@ -196,16 +197,12 @@ export const IntakeEmailsPage: Component = () => {
   const createEmail = async () => {
     const [,error] = await safely(createIntakeEmail({ organizationId: params.organizationId }));
 
-    if (isHttpErrorWithCode({ error, code: 'intake_email.limit_reached' })) {
+    if (error) {
       createToast({
-        message: t('api-errors.intake_email.limit_reached'),
+        message: getErrorMessage({ error }),
         type: 'error',
       });
 
-      return;
-    }
-
-    if (error) {
       throw error;
     }
 

apps/papra-client/src/modules/organizations/pages/organization.page.tsx

@@ -3,9 +3,9 @@ import { formatBytes } from '@corentinth/chisels';
 import { useParams } from '@solidjs/router';
 import { createQueries, keepPreviousData } from '@tanstack/solid-query';
 import { createSignal, Show, Suspense } from 'solid-js';
+import { useDocumentUpload } from '@/modules/documents/components/document-import-status.component';
 import { DocumentUploadArea } from '@/modules/documents/components/document-upload-area.component';
 import { createdAtColumn, DocumentsPaginatedList, standardActionsColumn, tagsColumn } from '@/modules/documents/components/documents-list.component';
-import { useUploadDocuments } from '@/modules/documents/documents.composables';
 import { fetchOrganizationDocuments, getOrganizationDocumentsStats } from '@/modules/documents/documents.services';
 import { useI18n } from '@/modules/i18n/i18n.provider';
 import { Button } from '@/modules/ui/components/button';
@@ -32,7 +32,7 @@ export const OrganizationPage: Component = () => {
     ],
   }));
 
-  const { promptImport } = useUploadDocuments({ organizationId: params.organizationId });
+  const { promptImport } = useDocumentUpload({ getOrganizationId: () => params.organizationId });
 
   return (
     <div class="p-6 mt-4 pb-32 max-w-5xl mx-auto">

apps/papra-client/src/modules/shared/http/composables/i18n-api-errors.ts

@@ -1,5 +1,6 @@
 import type { TranslationKeys } from '@/modules/i18n/locales.types';
 import { get } from 'lodash-es';
+import { FetchError } from 'ofetch';
 import { useI18n } from '@/modules/i18n/i18n.provider';
 
 function codeToKey(code: string): TranslationKeys {
@@ -30,6 +31,11 @@ export function useI18nApiErrors({ t = useI18n().t }: { t?: ReturnType<typeof us
         return translation;
       }
 
+      // Fetch error message is not helpful
+      if (error instanceof FetchError) {
+        return getDefaultErrorMessage();
+      }
+
       if (typeof error === 'object' && error && 'message' in error && typeof error.message === 'string') {
         return error.message;
       }

apps/papra-client/vitest.config.ts

@@ -0,0 +1,9 @@
+import { defineConfig } from 'vitest/config';
+
+export default defineConfig({
+  test: {
+    env: {
+      TZ: 'UTC',
+    },
+  },
+});

apps/papra-server/CHANGELOG.md

@@ -1,5 +1,44 @@
 # @papra/app-server
 
+## 0.9.3
+
+### Patch Changes
+
+- [#506](https://github.com/papra-hq/papra/pull/506) [`6bcb2a7`](https://github.com/papra-hq/papra/commit/6bcb2a71e990d534dd12d84e64a38f2b2baea25a) Thanks [@CorentinTh](https://github.com/CorentinTh)! - Added the possibility to define patterns for email intake username generation
+
+- [#504](https://github.com/papra-hq/papra/pull/504) [`936bc2b`](https://github.com/papra-hq/papra/commit/936bc2bd0a788e4fb0bceb6d14810f9f8734097b) Thanks [@CorentinTh](https://github.com/CorentinTh)! - Split the intake-email username generation from the email address creation, some changes regarding the configuration when using the `random` driver.
+
+  ```env
+  # Old configuration
+  INTAKE_EMAILS_DRIVER=random-username
+  INTAKE_EMAILS_EMAIL_GENERATION_DOMAIN=mydomain.com
+
+  # New configuration
+  INTAKE_EMAILS_DRIVER=catch-all
+  INTAKE_EMAILS_CATCH_ALL_DOMAIN=mydomain.com
+  INTAKE_EMAILS_USERNAME_DRIVER=random
+  ```
+
+- [#504](https://github.com/papra-hq/papra/pull/504) [`936bc2b`](https://github.com/papra-hq/papra/commit/936bc2bd0a788e4fb0bceb6d14810f9f8734097b) Thanks [@CorentinTh](https://github.com/CorentinTh)! - Added the possibility to configure OwlRelay domain
+
+## 0.9.2
+
+### Patch Changes
+
+- [#493](https://github.com/papra-hq/papra/pull/493) [`ed4d7e4`](https://github.com/papra-hq/papra/commit/ed4d7e4a00b2ca2c7fe808201c322f957d6ed990) Thanks [@CorentinTh](https://github.com/CorentinTh)! - Fix to allow cross docker volume file moving when consumption is done
+
+- [#500](https://github.com/papra-hq/papra/pull/500) [`208a561`](https://github.com/papra-hq/papra/commit/208a561668ed2d1019430a9f4f5c5d3fd4cde603) Thanks [@CorentinTh](https://github.com/CorentinTh)! - Added the possibility to define a Libsql/Sqlite driver for the tasks service
+
+- [#499](https://github.com/papra-hq/papra/pull/499) [`40cb1d7`](https://github.com/papra-hq/papra/commit/40cb1d71d5e52c40aab7ea2c6bc222cea6d55b70) Thanks [@CorentinTh](https://github.com/CorentinTh)! - Enhanced security by serving files as attachement and with an octet-stream content type
+
+## 0.9.1
+
+### Patch Changes
+
+- [#492](https://github.com/papra-hq/papra/pull/492) [`54514e1`](https://github.com/papra-hq/papra/commit/54514e15db5deaffc59dcba34929b5e2e74282e1) Thanks [@CorentinTh](https://github.com/CorentinTh)! - Added a client side guard for rejecting too-big files
+
+- [#491](https://github.com/papra-hq/papra/pull/491) [`bb9d555`](https://github.com/papra-hq/papra/commit/bb9d5556d3f16225ae40ca4d39600999e819b2c4) Thanks [@CorentinTh](https://github.com/CorentinTh)! - Fix cleanup state when a too-big-file is uploaded
+
 ## 0.9.0
 
 ### Minor Changes

apps/papra-server/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@papra/app-server",
   "type": "module",
-  "version": "0.9.0",
+  "version": "0.9.3",
   "private": true,
   "packageManager": "pnpm@10.12.3",
   "description": "Papra app server",
@@ -42,6 +42,7 @@
     "@aws-sdk/lib-storage": "^3.835.0",
     "@azure/storage-blob": "^12.27.0",
     "@cadence-mq/core": "^0.2.1",
+    "@cadence-mq/driver-libsql": "^0.2.1",
     "@cadence-mq/driver-memory": "^0.2.0",
     "@corentinth/chisels": "^1.3.1",
     "@corentinth/friendly-ids": "^0.0.1",
@@ -54,6 +55,7 @@
     "@papra/lecture": "workspace:*",
     "@papra/webhooks": "workspace:*",
     "@paralleldrive/cuid2": "^2.2.2",
+    "@sindresorhus/slugify": "^3.0.0",
     "better-auth": "catalog:",
     "busboy": "^1.6.0",
     "c12": "^3.0.4",

apps/papra-server/src/index.ts

@@ -21,6 +21,8 @@ const { db, client } = setupDatabase(config.database);
 const documentsStorageService = createDocumentStorageService({ documentStorageConfig: config.documentsStorage });
 
 const taskServices = createTaskServices({ config });
+await taskServices.initialize();
+
 const { app } = await createServer({ config, db, taskServices, documentsStorageService });
 
 const server = serve(

apps/papra-server/src/modules/app/auth/auth.routes.ts

@@ -1,7 +1,7 @@
 import type { Context, RouteDefinitionContext } from '../server.types';
 import type { Session } from './auth.types';
 import { get } from 'lodash-es';
-import { isDefined } from '../../shared/utils';
+import { isDefined, isString } from '../../shared/utils';
 
 export function registerAuthRoutes({ app, auth, config }: RouteDefinitionContext) {
   app.on(
@@ -26,7 +26,7 @@ export function registerAuthRoutes({ app, auth, config }: RouteDefinitionContext
     app.use('*', async (context: Context, next) => {
       const overrideUserId: unknown = get(context.env, 'loggedInUserId');
 
-      if (isDefined(overrideUserId) && typeof overrideUserId === 'string') {
+      if (isDefined(overrideUserId) && isString(overrideUserId)) {
         context.set('userId', overrideUserId);
         context.set('session', {} as Session);
         context.set('authType', 'session');

apps/papra-server/src/modules/config/config.models.test.ts

@@ -69,6 +69,9 @@ describe('config models', () => {
           intakeEmails: {
             isEnabled: true,
           },
+          documentsStorage: {
+            maxUploadSize: 10485760,
+          },
         },
       });
     });

apps/papra-server/src/modules/config/config.models.ts

@@ -13,6 +13,7 @@ export function getPublicConfig({ config }: { config: Config }) {
       'auth.providers.github.isEnabled',
       'auth.providers.google.isEnabled',
       'documents.deletedDocumentsRetentionDays',
+      'documentsStorage.maxUploadSize',
       'intakeEmails.isEnabled',
     ]),
     {

apps/papra-server/src/modules/config/config.ts

@@ -15,6 +15,7 @@ import { intakeEmailsConfig } from '../intake-emails/intake-emails.config';
 import { organizationsConfig } from '../organizations/organizations.config';
 import { organizationPlansConfig } from '../plans/plans.config';
 import { createLogger } from '../shared/logger/logger';
+import { isString } from '../shared/utils';
 import { subscriptionsConfig } from '../subscriptions/subscriptions.config';
 import { tasksConfig } from '../tasks/tasks.config';
 import { trackingConfig } from '../tracking/tracking.config';
@@ -71,7 +72,7 @@ export const configDefinition = {
       schema: z.union([
         z.string(),
         z.array(z.string()),
-      ]).transform(value => (typeof value === 'string' ? value.split(',') : value)),
+      ]).transform(value => (isString(value) ? value.split(',') : value)),
       default: ['http://localhost:3000'],
       env: 'SERVER_CORS_ORIGINS',
     },

apps/papra-server/src/modules/documents/documents.constants.test.ts

@@ -0,0 +1,21 @@
+import { Buffer } from 'node:buffer';
+import { describe, expect, test } from 'vitest';
+import { MULTIPART_FORM_DATA_SINGLE_FILE_CONTENT_LENGTH_OVERHEAD } from './documents.constants';
+
+const unusuallyLongFileName = 'an-unusually-long-file-name-in-order-to-test-the-content-length-header-with-the-metadata-that-are-included-in-the-form-data-so-lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-sed-do-eiusmod-tempor-incididunt-ut-labore-et-dolore-magna-aliqua-ut-enim-ad-minim-veniam-quis-nostrud-exercitation-ullamco-laboris-nisi-ut-aliquip-ex-ea-commodo-consequat-duis-aute-irure-dolor-in-reprehenderit-in-voluptate-velit-esse-cillum-dolore-eu-fugiat-nulla-pariatur-excepteur-sint-occaecat-proident-in-voluptate-velit-esse-cillum-dolore-eu-fugiat-nulla-pariatur-excepteur-sint-occaecat-proident-in-voluptate-velit-esse-cillum-dolore-eu-fugiat-nulla-pariatur-excepteur-sint-occaecat-proident.txt';
+
+describe('documents constants', () => {
+  // eslint-disable-next-line test/prefer-lowercase-title
+  describe('MULTIPART_FORM_DATA_SINGLE_FILE_CONTENT_LENGTH_OVERHEAD', () => {
+    test('when uploading a formdata multipart, the body has boundaries and other metadata, so the content length is greater than the file size', async () => {
+      const fileSize = 100;
+      const formData = new FormData();
+      formData.append('file', new File(['a'.repeat(fileSize)], unusuallyLongFileName, { type: 'text/plain' }));
+      const body = new Response(formData);
+      const contentLength = Buffer.from(await body.arrayBuffer()).length;
+
+      expect(contentLength).to.be.greaterThan(fileSize);
+      expect(contentLength).to.be.lessThan(fileSize + MULTIPART_FORM_DATA_SINGLE_FILE_CONTENT_LENGTH_OVERHEAD);
+    });
+  });
+});

apps/papra-server/src/modules/documents/documents.constants.ts

@@ -11,3 +11,6 @@ export const ORIGINAL_DOCUMENTS_STORAGE_KEY = 'originals';
 // import { ocrLanguages } from '@papra/lecture';
 // console.log(JSON.stringify(ocrLanguages));
 export const OCR_LANGUAGES = ['afr', 'amh', 'ara', 'asm', 'aze', 'aze_cyrl', 'bel', 'ben', 'bod', 'bos', 'bul', 'cat', 'ceb', 'ces', 'chi_sim', 'chi_tra', 'chr', 'cym', 'dan', 'deu', 'dzo', 'ell', 'eng', 'enm', 'epo', 'est', 'eus', 'fas', 'fin', 'fra', 'frk', 'frm', 'gle', 'glg', 'grc', 'guj', 'hat', 'heb', 'hin', 'hrv', 'hun', 'iku', 'ind', 'isl', 'ita', 'ita_old', 'jav', 'jpn', 'kan', 'kat', 'kat_old', 'kaz', 'khm', 'kir', 'kor', 'kur', 'lao', 'lat', 'lav', 'lit', 'mal', 'mar', 'mkd', 'mlt', 'msa', 'mya', 'nep', 'nld', 'nor', 'ori', 'pan', 'pol', 'por', 'pus', 'ron', 'rus', 'san', 'sin', 'slk', 'slv', 'spa', 'spa_old', 'sqi', 'srp', 'srp_latn', 'swa', 'swe', 'syr', 'tam', 'tel', 'tgk', 'tgl', 'tha', 'tir', 'tur', 'uig', 'ukr', 'urd', 'uzb', 'uzb_cyrl', 'vie', 'yid'] as const;
+
+// When uploading a formdata multipart, the body has boundaries and other metadata that need to be accounted for
+export const MULTIPART_FORM_DATA_SINGLE_FILE_CONTENT_LENGTH_OVERHEAD = 1024; // 1024 bytes

apps/papra-server/src/modules/documents/documents.routes.ts

@@ -13,7 +13,7 @@ import { deferTriggerWebhooks } from '../webhooks/webhook.usecases';
 import { createDocumentActivityRepository } from './document-activity/document-activity.repository';
 import { deferRegisterDocumentActivityLog } from './document-activity/document-activity.usecases';
 import { createDocumentIsNotDeletedError } from './documents.errors';
-import { formatDocumentForApi, formatDocumentsForApi } from './documents.models';
+import { formatDocumentForApi, formatDocumentsForApi, isDocumentSizeLimitEnabled } from './documents.models';
 import { createDocumentsRepository } from './documents.repository';
 import { documentIdSchema } from './documents.schemas';
 import { createDocumentCreationUsecase, deleteAllTrashDocuments, deleteTrashDocument, ensureDocumentExists, getDocumentOrThrow } from './documents.usecases';
@@ -34,6 +34,8 @@ export function registerDocumentsRoutes(context: RouteDefinitionContext) {
 }
 
 function setupCreateDocumentRoute({ app, ...deps }: RouteDefinitionContext) {
+  const { config } = deps;
+
   app.post(
     '/api/organizations/:organizationId/documents',
     requireAuthentication({ apiKeyPermissions: ['documents:create'] }),
@@ -44,9 +46,12 @@ function setupCreateDocumentRoute({ app, ...deps }: RouteDefinitionContext) {
       const { userId } = getUser({ context });
       const { organizationId } = context.req.valid('param');
 
+      const { maxUploadSize } = config.documentsStorage;
+
       const { fileStream, fileName, mimeType } = await getFileStreamFromMultipartForm({
         body: context.req.raw.body,
         headers: context.req.header(),
+        maxFileSize: isDocumentSizeLimitEnabled({ maxUploadSize }) ? maxUploadSize : undefined,
       });
 
       const createDocument = createDocumentCreationUsecase({ ...deps });
@@ -283,9 +288,13 @@ function setupGetDocumentFileRoute({ app, db, documentsStorageService }: RouteDe
         Readable.toWeb(fileStream),
         200,
         {
-          'Content-Type': document.mimeType,
-          'Content-Disposition': `inline; filename*=UTF-8''${encodeURIComponent(document.name)}`,
+          // Prevent XSS by serving the file as an octet-stream
+          'Content-Type': 'application/octet-stream',
+          // Always use attachment for defense in depth - client uses blob API anyway
+          'Content-Disposition': `attachment; filename*=UTF-8''${encodeURIComponent(document.name)}`,
           'Content-Length': String(document.originalSize),
+          'X-Content-Type-Options': 'nosniff',
+          'X-Frame-Options': 'DENY',
         },
       );
     },

apps/papra-server/src/modules/documents/documents.usecases.ts

@@ -14,6 +14,8 @@ import type { DocumentsRepository } from './documents.repository';
 import type { Document } from './documents.types';
 import type { DocumentStorageService } from './storage/documents.storage.services';
 import type { EncryptionContext } from './storage/drivers/drivers.models';
+import { PassThrough } from 'node:stream';
+import { pipeline } from 'node:stream/promises';
 import { safely } from '@corentinth/chisels';
 import pLimit from 'p-limit';
 import { createOrganizationDocumentStorageLimitReachedError } from '../organizations/organizations.errors';
@@ -101,17 +103,27 @@ export async function createDocument({
     },
   });
 
-  const outputStream = fileStream
-    .pipe(hashStream)
-    .pipe(byteCountStream);
+  // Create a PassThrough stream that will be used for saving the file
+  // This allows us to use pipeline for better error handling
+  const outputStream = new PassThrough();
+
+  const streamProcessingPromise = pipeline(
+    fileStream,
+    hashStream,
+    byteCountStream,
+    outputStream,
+  );
 
   // We optimistically save the file to leverage streaming, if the file already exists, we will delete it
-  const newFileStorageContext = await documentsStorageService.saveFile({
-    fileStream: outputStream,
-    storageKey: originalDocumentStorageKey,
-    mimeType,
-    fileName,
-  });
+  const [newFileStorageContext] = await Promise.all([
+    documentsStorageService.saveFile({
+      fileStream: outputStream,
+      storageKey: originalDocumentStorageKey,
+      mimeType,
+      fileName,
+    }),
+    streamProcessingPromise,
+  ]);
 
   const hash = getHash();
   const size = getByteCount();

apps/papra-server/src/modules/documents/storage/drivers/fs/fs.storage-driver.ts

@@ -37,6 +37,14 @@ export const fsStorageDriverFactory = defineStorageDriver(({ documentStorageConf
         writeStream.on('error', (error) => {
           reject(error);
         });
+
+        // Listen for errors on the input stream as well
+        fileStream.on('error', (error) => {
+          // Clean up the write stream and file
+          writeStream.destroy();
+          fs.unlink(storagePath, () => {}); // Ignore errors when cleaning up
+          reject(error);
+        });
       });
     },
     getFileStream: async ({ storageKey }) => {

apps/papra-server/src/modules/documents/storage/drivers/s3/s3.storage-driver.ts

@@ -3,6 +3,7 @@ import { DeleteObjectCommand, GetObjectCommand, HeadObjectCommand, S3Client } fr
 
 import { Upload } from '@aws-sdk/lib-storage';
 import { safely } from '@corentinth/chisels';
+import { isString } from '../../../../shared/utils';
 import { createFileNotFoundError } from '../../document-storage.errors';
 import { defineStorageDriver } from '../drivers.models';
 
@@ -12,7 +13,7 @@ function isS3NotFoundError(error: Error) {
   const codes = ['NoSuchKey', 'NotFound'];
 
   return codes.includes(error.name)
-    || ('Code' in error && typeof error.Code === 'string' && codes.includes(error.Code));
+    || ('Code' in error && isString(error.Code) && codes.includes(error.Code));
 }
 
 export const s3StorageDriverFactory = defineStorageDriver(({ documentStorageConfig }) => {

apps/papra-server/src/modules/ingestion-folders/ingestion-folders.config.ts

@@ -1,6 +1,7 @@
 import type { ConfigDefinition } from 'figue';
 import { z } from 'zod';
 import { booleanishSchema } from '../config/config.schemas';
+import { isString } from '../shared/utils';
 import { defaultIgnoredPatterns } from './ingestion-folders.constants';
 
 export const ingestionFolderConfig = {
@@ -61,7 +62,7 @@ export const ingestionFolderConfig = {
     schema: z.union([
       z.string(),
       z.array(z.string()),
-    ]).transform(value => (typeof value === 'string' ? value.split(',') : value)),
+    ]).transform(value => (isString(value) ? value.split(',') : value)),
     default: defaultIgnoredPatterns,
     env: 'INGESTION_FOLDER_IGNORED_PATTERNS',
   },

apps/papra-server/src/modules/intake-emails/drivers/catch-all/catch-all.intake-email-driver.config.ts

@@ -1,11 +1,12 @@
 import type { ConfigDefinition } from 'figue';
+
 import { z } from 'zod';
 
-export const randomUsernameIntakeEmailDriverConfig = {
+export const catchAllIntakeEmailDriverConfig = {
   domain: {
-    doc: 'The domain to use when generating email addresses for intake emails when using the random username driver',
+    doc: 'The domain to use when generating email addresses for intake emails when using the `catch-all` driver',
     schema: z.string(),
-    default: 'papra.email',
-    env: 'INTAKE_EMAILS_EMAIL_GENERATION_DOMAIN',
+    default: 'papra.local',
+    env: 'INTAKE_EMAILS_CATCH_ALL_DOMAIN',
   },
 } as const satisfies ConfigDefinition;

apps/papra-server/src/modules/intake-emails/drivers/catch-all/catch-all.intake-email-driver.ts

@@ -0,0 +1,20 @@
+import { buildEmailAddress } from '../../intake-emails.models';
+import { defineIntakeEmailDriver } from '../intake-emails.drivers.models';
+
+export const CATCH_ALL_INTAKE_EMAIL_DRIVER_NAME = 'catch-all';
+
+// This driver is used when no external service is used to manage the email addresses
+// like for example when using a catch-all domain
+export const catchAllIntakeEmailDriverFactory = defineIntakeEmailDriver(({ config }) => {
+  const { domain } = config.intakeEmails.drivers.catchAll;
+
+  return {
+    name: CATCH_ALL_INTAKE_EMAIL_DRIVER_NAME,
+    createEmailAddress: async ({ username }) => {
+      const emailAddress = buildEmailAddress({ username, domain });
+
+      return { emailAddress };
+    },
+    deleteEmailAddress: async () => {},
+  };
+});

apps/papra-server/src/modules/intake-emails/drivers/intake-emails.drivers.models.ts

@@ -2,8 +2,8 @@ import type { Config } from '../../config/config.types';
 
 export type IntakeEmailsServices = {
   name: string;
-  generateEmailAddress: () => Promise<{ emailAddress: string }>;
-  deleteEmailAddress: ({ emailAddress }: { emailAddress: string }) => Promise<void>;
+  createEmailAddress: (args: { username: string }) => Promise<{ emailAddress: string }>;
+  deleteEmailAddress: (args: { emailAddress: string }) => Promise<void>;
 };
 
 export type IntakeEmailDriverFactory = (args: { config: Config }) => IntakeEmailsServices;

apps/papra-server/src/modules/intake-emails/drivers/intake-emails.drivers.ts

@@ -1,9 +1,9 @@
+import { CATCH_ALL_INTAKE_EMAIL_DRIVER_NAME, catchAllIntakeEmailDriverFactory } from './catch-all/catch-all.intake-email-driver';
 import { OWLRELAY_INTAKE_EMAIL_DRIVER_NAME, owlrelayIntakeEmailDriverFactory } from './owlrelay/owlrelay.intake-email-driver';
-import { RANDOM_USERNAME_INTAKE_EMAIL_DRIVER_NAME, randomUsernameIntakeEmailDriverFactory } from './random-username/random-username.intake-email-driver';
 
 export const intakeEmailDrivers = {
-  [RANDOM_USERNAME_INTAKE_EMAIL_DRIVER_NAME]: randomUsernameIntakeEmailDriverFactory,
   [OWLRELAY_INTAKE_EMAIL_DRIVER_NAME]: owlrelayIntakeEmailDriverFactory,
+  [CATCH_ALL_INTAKE_EMAIL_DRIVER_NAME]: catchAllIntakeEmailDriverFactory,
 } as const;
 
 export type IntakeEmailDriverName = keyof typeof intakeEmailDrivers;

apps/papra-server/src/modules/intake-emails/drivers/owlrelay/owlrelay.intake-email-driver.config.ts

@@ -15,4 +15,10 @@ export const owlrelayIntakeEmailDriverConfig = {
     default: undefined,
     env: 'OWLRELAY_WEBHOOK_URL',
   },
+  domain: {
+    doc: 'The domain to use when generating email addresses for intake emails with OwlRelay, if not provided, the OwlRelay will use their default domain',
+    schema: z.string().optional(), // TODO: check valid hostname
+    default: undefined,
+    env: 'OWLRELAY_DOMAIN',
+  },
 } as const satisfies ConfigDefinition;

apps/papra-server/src/modules/intake-emails/drivers/owlrelay/owlrelay.intake-email-driver.ts

@@ -1,7 +1,7 @@
 import { buildUrl, safely } from '@corentinth/chisels';
-import { generateId as generateHumanReadableId } from '@corentinth/friendly-ids';
 import { createClient } from '@owlrelay/api-sdk';
 import { getServerBaseUrl } from '../../../config/config.models';
+import { createError } from '../../../shared/errors/errors';
 import { createLogger } from '../../../shared/logger/logger';
 import { INTAKE_EMAILS_INGEST_ROUTE } from '../../intake-emails.constants';
 import { buildEmailAddress } from '../../intake-emails.models';
@@ -14,24 +14,35 @@ const logger = createLogger({ namespace: 'intake-emails.drivers.owlrelay' });
 export const owlrelayIntakeEmailDriverFactory = defineIntakeEmailDriver(({ config }) => {
   const { serverBaseUrl } = getServerBaseUrl({ config });
   const { webhookSecret } = config.intakeEmails;
-  const { owlrelayApiKey, webhookUrl: configuredWebhookUrl } = config.intakeEmails.drivers.owlrelay;
+  const { owlrelayApiKey, webhookUrl: configuredWebhookUrl, domain } = config.intakeEmails.drivers.owlrelay;
 
-  const client = createClient({
-    apiKey: owlrelayApiKey,
-  });
+  const client = createClient({ apiKey: owlrelayApiKey });
 
   const webhookUrl = configuredWebhookUrl ?? buildUrl({ baseUrl: serverBaseUrl, path: INTAKE_EMAILS_INGEST_ROUTE });
 
   return {
     name: OWLRELAY_INTAKE_EMAIL_DRIVER_NAME,
-    generateEmailAddress: async () => {
-      const { domain, username, id: owlrelayEmailId } = await client.createEmail({
-        username: generateHumanReadableId(),
+    createEmailAddress: async ({ username }) => {
+      const [result, error] = await safely(client.createEmail({
+        username,
         webhookUrl,
         webhookSecret,
-      });
+        domain,
+      }));
 
-      const emailAddress = buildEmailAddress({ username, domain });
+      if (error) {
+        logger.error({ error, username }, 'Failed to create email address in OwlRelay');
+
+        throw createError({
+          code: 'intake_emails.create_email_address_failed',
+          message: 'Failed to create email address in OwlRelay',
+          statusCode: 500,
+          isInternal: true,
+        });
+      }
+
+      const { id: owlrelayEmailId, username: createdAddressUsername, domain: createdAddressDomain } = result;
+      const emailAddress = buildEmailAddress({ username: createdAddressUsername, domain: createdAddressDomain });
 
       logger.info({ emailAddress, owlrelayEmailId }, 'Created email address in OwlRelay');
 

apps/papra-server/src/modules/intake-emails/drivers/random-username/random-username.intake-email-driver.ts

@@ -1,21 +0,0 @@
-import { generateId as generateHumanReadableId } from '@corentinth/friendly-ids';
-import { defineIntakeEmailDriver } from '../intake-emails.drivers.models';
-
-export const RANDOM_USERNAME_INTAKE_EMAIL_DRIVER_NAME = 'random-username';
-
-export const randomUsernameIntakeEmailDriverFactory = defineIntakeEmailDriver(({ config }) => {
-  const { domain } = config.intakeEmails.drivers.randomUsername;
-
-  return {
-    name: RANDOM_USERNAME_INTAKE_EMAIL_DRIVER_NAME,
-    generateEmailAddress: async () => {
-      const randomUsername = generateHumanReadableId();
-
-      return {
-        emailAddress: `${randomUsername}@${domain}`,
-      };
-    },
-    // Deletion functionality is not required for this driver
-    deleteEmailAddress: async () => {},
-  };
-});

apps/papra-server/src/modules/intake-emails/intake-emails.config.ts

@@ -1,10 +1,11 @@
 import type { ConfigDefinition } from 'figue';
 import { z } from 'zod';
 import { booleanishSchema } from '../config/config.schemas';
+import { CATCH_ALL_INTAKE_EMAIL_DRIVER_NAME } from './drivers/catch-all/catch-all.intake-email-driver';
+import { catchAllIntakeEmailDriverConfig } from './drivers/catch-all/catch-all.intake-email-driver.config';
 import { intakeEmailDrivers } from './drivers/intake-emails.drivers';
 import { owlrelayIntakeEmailDriverConfig } from './drivers/owlrelay/owlrelay.intake-email-driver.config';
-import { RANDOM_USERNAME_INTAKE_EMAIL_DRIVER_NAME } from './drivers/random-username/random-username.intake-email-driver';
-import { randomUsernameIntakeEmailDriverConfig } from './drivers/random-username/random-username.intake-email-driver.config';
+import { intakeEmailUsernameConfig } from './username-drivers/intake-email-username.config';
 
 export const intakeEmailsConfig = {
   isEnabled: {
@@ -13,20 +14,21 @@ export const intakeEmailsConfig = {
     default: false,
     env: 'INTAKE_EMAILS_IS_ENABLED',
   },
-  driver: {
-    doc: `The driver to use when generating email addresses for intake emails, value can be one of: ${Object.keys(intakeEmailDrivers).map(x => `\`${x}\``).join(', ')}`,
-    schema: z.enum(Object.keys(intakeEmailDrivers) as [string, ...string[]]),
-    default: RANDOM_USERNAME_INTAKE_EMAIL_DRIVER_NAME,
-    env: 'INTAKE_EMAILS_DRIVER',
-  },
   webhookSecret: {
     doc: 'The secret to use when verifying webhooks',
     schema: z.string(),
     default: 'change-me',
     env: 'INTAKE_EMAILS_WEBHOOK_SECRET',
   },
-  drivers: {
-    randomUsername: randomUsernameIntakeEmailDriverConfig,
-    owlrelay: owlrelayIntakeEmailDriverConfig,
+  driver: {
+    doc: `The driver to use when generating email addresses for intake emails, value can be one of: ${Object.keys(intakeEmailDrivers).map(x => `\`${x}\``).join(', ')}.`,
+    schema: z.enum(Object.keys(intakeEmailDrivers) as [string, ...string[]]),
+    default: CATCH_ALL_INTAKE_EMAIL_DRIVER_NAME,
+    env: 'INTAKE_EMAILS_DRIVER',
   },
+  drivers: {
+    owlrelay: owlrelayIntakeEmailDriverConfig,
+    catchAll: catchAllIntakeEmailDriverConfig,
+  },
+  username: intakeEmailUsernameConfig,
 } as const satisfies ConfigDefinition;

apps/papra-server/src/modules/intake-emails/intake-emails.errors.ts

@@ -11,3 +11,9 @@ export const createIntakeEmailNotFoundError = createErrorFactory({
   code: 'intake_email.not_found',
   statusCode: 404,
 });
+
+export const createIntakeEmailAlreadyExistsError = createErrorFactory({
+  message: 'Intake email already exists',
+  code: 'intake_email.already_exists',
+  statusCode: 400,
+});

apps/papra-server/src/modules/intake-emails/intake-emails.models.ts

@@ -27,6 +27,14 @@ export function parseEmailAddress({ email }: { email: string }) {
   const [username, ...plusParts] = fullUsername.split('+');
   const plusPart = plusParts.length > 0 ? plusParts.join('+') : undefined;
 
+  if (isNil(username)) {
+    throw createError({
+      message: 'Badly formatted email address',
+      code: 'intake_emails.badly_formatted_email_address',
+      statusCode: 400,
+    });
+  }
+
   return { username, domain, plusPart };
 }
 

apps/papra-server/src/modules/intake-emails/intake-emails.repository.ts

@@ -1,9 +1,10 @@
 import type { Database } from '../app/database/database.types';
-import { injectArguments } from '@corentinth/chisels';
+import { injectArguments, safely } from '@corentinth/chisels';
 import { and, count, eq } from 'drizzle-orm';
+import { isUniqueConstraintError } from '../shared/db/constraints.models';
 import { createError } from '../shared/errors/errors';
 import { omitUndefined } from '../shared/utils';
-import { createIntakeEmailNotFoundError } from './intake-emails.errors';
+import { createIntakeEmailAlreadyExistsError, createIntakeEmailNotFoundError } from './intake-emails.errors';
 import { intakeEmailsTable } from './intake-emails.tables';
 
 export type IntakeEmailsRepository = ReturnType<typeof createIntakeEmailsRepository>;
@@ -24,7 +25,17 @@ export function createIntakeEmailsRepository({ db }: { db: Database }) {
 }
 
 async function createIntakeEmail({ organizationId, emailAddress, db }: { organizationId: string; emailAddress: string; db: Database }) {
-  const [intakeEmail] = await db.insert(intakeEmailsTable).values({ organizationId, emailAddress }).returning();
+  const [result, error] = await safely(db.insert(intakeEmailsTable).values({ organizationId, emailAddress }).returning());
+
+  if (isUniqueConstraintError({ error })) {
+    throw createIntakeEmailAlreadyExistsError();
+  }
+
+  if (error) {
+    throw error;
+  }
+
+  const [intakeEmail] = result;
 
   if (!intakeEmail) {
     // Very unlikely to happen as the insertion should throw an issue, it's for type safety

apps/papra-server/src/modules/intake-emails/intake-emails.routes.ts

@@ -15,11 +15,13 @@ import { createLogger } from '../shared/logger/logger';
 import { isNil } from '../shared/utils';
 import { validateFormData, validateJsonBody, validateParams } from '../shared/validation/validation';
 import { createSubscriptionsRepository } from '../subscriptions/subscriptions.repository';
+import { createUsersRepository } from '../users/users.repository';
 import { INTAKE_EMAILS_INGEST_ROUTE } from './intake-emails.constants';
 import { createIntakeEmailsRepository } from './intake-emails.repository';
 import { allowedOriginsSchema, intakeEmailIdSchema, intakeEmailsIngestionMetaSchema, parseJson } from './intake-emails.schemas';
 import { createIntakeEmailsServices } from './intake-emails.services';
 import { createIntakeEmail, deleteIntakeEmail, processIntakeEmailIngestion } from './intake-emails.usecases';
+import { createIntakeEmailUsernameServices } from './username-drivers/intake-email-username.services';
 
 const logger = createLogger({ namespace: 'intake-emails.routes' });
 
@@ -65,20 +67,24 @@ function setupCreateIntakeEmailRoute({ app, db, config }: RouteDefinitionContext
       const { userId } = getUser({ context });
       const { organizationId } = context.req.valid('param');
 
+      const usersRepository = createUsersRepository({ db });
       const organizationsRepository = createOrganizationsRepository({ db });
       const intakeEmailsRepository = createIntakeEmailsRepository({ db });
       const intakeEmailsServices = createIntakeEmailsServices({ config });
       const plansRepository = createPlansRepository({ config });
       const subscriptionsRepository = createSubscriptionsRepository({ db });
+      const intakeEmailUsernameServices = createIntakeEmailUsernameServices({ config, usersRepository, organizationsRepository });
 
       await ensureUserIsInOrganization({ userId, organizationId, organizationsRepository });
 
       const { intakeEmail } = await createIntakeEmail({
+        userId,
         organizationId,
         intakeEmailsRepository,
         intakeEmailsServices,
         plansRepository,
         subscriptionsRepository,
+        intakeEmailUsernameServices,
       });
 
       return context.json({ intakeEmail });

apps/papra-server/src/modules/intake-emails/intake-emails.usecases.ts

@@ -4,6 +4,7 @@ import type { Logger } from '../shared/logger/logger';
 import type { SubscriptionsRepository } from '../subscriptions/subscriptions.repository';
 import type { IntakeEmailsServices } from './drivers/intake-emails.drivers.models';
 import type { IntakeEmailsRepository } from './intake-emails.repository';
+import type { IntakeEmailUsernameServices } from './username-drivers/intake-email-username.services';
 import { safely } from '@corentinth/chisels';
 import { getOrganizationPlan } from '../plans/plans.usecases';
 import { addLogContext, createLogger } from '../shared/logger/logger';
@@ -12,17 +13,21 @@ import { createIntakeEmailLimitReachedError, createIntakeEmailNotFoundError } fr
 import { getIsFromAllowedOrigin } from './intake-emails.models';
 
 export async function createIntakeEmail({
+  userId,
   organizationId,
   intakeEmailsRepository,
   intakeEmailsServices,
   plansRepository,
   subscriptionsRepository,
+  intakeEmailUsernameServices,
 }: {
+  userId: string;
   organizationId: string;
   intakeEmailsRepository: IntakeEmailsRepository;
   intakeEmailsServices: IntakeEmailsServices;
   plansRepository: PlansRepository;
   subscriptionsRepository: SubscriptionsRepository;
+  intakeEmailUsernameServices: IntakeEmailUsernameServices;
 }) {
   await checkIfOrganizationCanCreateNewIntakeEmail({
     organizationId,
@@ -31,7 +36,9 @@ export async function createIntakeEmail({
     intakeEmailsRepository,
   });
 
-  const { emailAddress } = await intakeEmailsServices.generateEmailAddress();
+  const { username } = await intakeEmailUsernameServices.generateIntakeEmailUsername({ userId, organizationId });
+
+  const { emailAddress } = await intakeEmailsServices.createEmailAddress({ username });
 
   const { intakeEmail } = await intakeEmailsRepository.createIntakeEmail({ organizationId, emailAddress });
 

apps/papra-server/src/modules/intake-emails/username-drivers/intake-email-username.config.ts

@@ -0,0 +1,17 @@
+import type { ConfigDefinition } from 'figue';
+import { z } from 'zod';
+import { intakeEmailUsernameDrivers } from './intake-email-username.drivers';
+import { patternIntakeEmailDriverConfig } from './pattern/pattern.intake-email-username-driver.config';
+import { RANDOM_INTAKE_EMAIL_ADDRESSES_DRIVER_NAME } from './random/random.intake-email-username-driver';
+
+export const intakeEmailUsernameConfig = {
+  driver: {
+    doc: `The driver to use when generating email addresses for intake emails, value can be one of: ${Object.keys(intakeEmailUsernameDrivers).map(x => `\`${x}\``).join(', ')}`,
+    schema: z.enum(Object.keys(intakeEmailUsernameDrivers) as [string, ...string[]]),
+    default: RANDOM_INTAKE_EMAIL_ADDRESSES_DRIVER_NAME,
+    env: 'INTAKE_EMAILS_USERNAME_DRIVER',
+  },
+  drivers: {
+    pattern: patternIntakeEmailDriverConfig,
+  },
+} as const satisfies ConfigDefinition;

apps/papra-server/src/modules/intake-emails/username-drivers/intake-email-username.drivers.ts

@@ -0,0 +1,10 @@
+import { patternIntakeEmailUsernameDriverFactory } from './pattern/pattern.intake-email-username-driver';
+import { PATTERN_INTAKE_EMAIL_ADDRESSES_DRIVER_NAME } from './pattern/pattern.intake-email-username-driver.config';
+import { RANDOM_INTAKE_EMAIL_ADDRESSES_DRIVER_NAME, randomIntakeEmailUsernameDriverFactory } from './random/random.intake-email-username-driver';
+
+export const intakeEmailUsernameDrivers = {
+  [RANDOM_INTAKE_EMAIL_ADDRESSES_DRIVER_NAME]: randomIntakeEmailUsernameDriverFactory,
+  [PATTERN_INTAKE_EMAIL_ADDRESSES_DRIVER_NAME]: patternIntakeEmailUsernameDriverFactory,
+} as const;
+
+export type IntakeEmailUsernameDriverName = keyof typeof intakeEmailUsernameDrivers;

apps/papra-server/src/modules/intake-emails/username-drivers/intake-email-username.models.ts

@@ -0,0 +1,20 @@
+import type { Logger } from '@crowlog/logger';
+import type { Config } from '../../config/config.types';
+import type { OrganizationsRepository } from '../../organizations/organizations.repository';
+import type { UsersRepository } from '../../users/users.repository';
+
+export type IntakeEmailUsernameDriver = {
+  name: string;
+  generateIntakeEmailUsername: (args: { userId: string; organizationId: string }) => Promise<{ username: string }>;
+};
+
+export type IntakeEmailUsernameDriverFactory = (args: {
+  config: Config;
+  logger?: Logger;
+  usersRepository: UsersRepository;
+  organizationsRepository: OrganizationsRepository;
+}) => IntakeEmailUsernameDriver;
+
+export function defineIntakeEmailUsernameDriverFactory(factory: IntakeEmailUsernameDriverFactory) {
+  return factory;
+}

apps/papra-server/src/modules/intake-emails/username-drivers/intake-email-username.services.ts

@@ -0,0 +1,35 @@
+import type { Config } from '../../config/config.types';
+import type { OrganizationsRepository } from '../../organizations/organizations.repository';
+import type { UsersRepository } from '../../users/users.repository';
+import type { IntakeEmailUsernameDriverName } from './intake-email-username.drivers';
+import type { IntakeEmailUsernameDriver, IntakeEmailUsernameDriverFactory } from './intake-email-username.models';
+import { createError } from '../../shared/errors/errors';
+import { isNil } from '../../shared/utils';
+import { intakeEmailUsernameDrivers } from './intake-email-username.drivers';
+
+export type IntakeEmailUsernameServices = IntakeEmailUsernameDriver;
+
+export function createIntakeEmailUsernameServices({
+  config,
+  ...dependencies
+}: {
+  config: Config;
+  usersRepository: UsersRepository;
+  organizationsRepository: OrganizationsRepository;
+}) {
+  const { driver } = config.intakeEmails.username;
+  const intakeEmailUsernameDriver: IntakeEmailUsernameDriverFactory | undefined = intakeEmailUsernameDrivers[driver as IntakeEmailUsernameDriverName];
+
+  if (isNil(intakeEmailUsernameDriver)) {
+    throw createError({
+      message: `Invalid intake email addresses driver ${driver}`,
+      code: 'intake-emails.addresses.invalid_driver',
+      statusCode: 500,
+      isInternal: true,
+    });
+  }
+
+  const intakeEmailUsernameServices = intakeEmailUsernameDriver({ config, ...dependencies });
+
+  return intakeEmailUsernameServices;
+}

apps/papra-server/src/modules/intake-emails/username-drivers/pattern/pattern.intake-email-username-driver.config.ts

@@ -0,0 +1,15 @@
+import type { ConfigDefinition } from 'figue';
+
+import { z } from 'zod';
+import { PATTERNS_PLACEHOLDERS } from './pattern.intake-email-username-driver.constants';
+
+export const PATTERN_INTAKE_EMAIL_ADDRESSES_DRIVER_NAME = 'pattern';
+
+export const patternIntakeEmailDriverConfig = {
+  pattern: {
+    doc: `The pattern to use when generating email addresses usernames (before the @) for intake emails. Available placeholders are: ${Object.values(PATTERNS_PLACEHOLDERS).join(', ')}. Note: the resulting username will be slugified to remove special characters and spaces.`,
+    schema: z.string(),
+    default: `${PATTERNS_PLACEHOLDERS.USER_NAME}-${PATTERNS_PLACEHOLDERS.RANDOM_DIGITS}`,
+    env: 'INTAKE_EMAILS_USERNAME_DRIVER_PATTERN',
+  },
+} as const satisfies ConfigDefinition;

apps/papra-server/src/modules/intake-emails/username-drivers/pattern/pattern.intake-email-username-driver.constants.ts

@@ -0,0 +1,8 @@
+export const PATTERNS_PLACEHOLDERS = {
+  USER_NAME: '{{user.name}}',
+  USER_ID: '{{user.id}}',
+  USER_EMAIL_USERNAME: '{{user.email.username}}',
+  ORGANIZATION_ID: '{{organization.id}}',
+  ORGANIZATION_NAME: '{{organization.name}}',
+  RANDOM_DIGITS: '{{random.digits}}',
+} as const;

apps/papra-server/src/modules/intake-emails/username-drivers/pattern/pattern.intake-email-username-driver.ts

@@ -0,0 +1,52 @@
+import slugify from '@sindresorhus/slugify';
+import { createError } from '../../../shared/errors/errors';
+import { createLogger } from '../../../shared/logger/logger';
+import { isNil } from '../../../shared/utils';
+import { parseEmailAddress } from '../../intake-emails.models';
+import { defineIntakeEmailUsernameDriverFactory } from '../intake-email-username.models';
+import { PATTERN_INTAKE_EMAIL_ADDRESSES_DRIVER_NAME } from './pattern.intake-email-username-driver.config';
+import { PATTERNS_PLACEHOLDERS } from './pattern.intake-email-username-driver.constants';
+
+export const patternIntakeEmailUsernameDriverFactory = defineIntakeEmailUsernameDriverFactory(({
+  logger = createLogger({ namespace: 'intake-emails.addresses-drivers.pattern' }),
+  config,
+  usersRepository,
+  organizationsRepository,
+}) => {
+  const { pattern } = config.intakeEmails.username.drivers.pattern;
+
+  return {
+    name: PATTERN_INTAKE_EMAIL_ADDRESSES_DRIVER_NAME,
+    generateIntakeEmailUsername: async ({ userId, organizationId }) => {
+      const [{ user }, { organization }] = await Promise.all([
+        usersRepository.getUserById({ userId }),
+        organizationsRepository.getOrganizationById({ organizationId }),
+      ]);
+
+      if (isNil(user) || isNil(organization)) {
+        // Should not really happen, there is a check on the routes handlers
+        throw createError({
+          message: 'User or organization not found',
+          code: 'intake-emails.addresses.user_or_organization_not_found',
+          statusCode: 404,
+        });
+      }
+
+      const { username: userEmailUsername } = parseEmailAddress({ email: user.email });
+
+      const rawUsername = pattern
+        .replaceAll(PATTERNS_PLACEHOLDERS.USER_NAME, user.name ?? '')
+        .replaceAll(PATTERNS_PLACEHOLDERS.USER_ID, user.id)
+        .replaceAll(PATTERNS_PLACEHOLDERS.USER_EMAIL_USERNAME, userEmailUsername)
+        .replaceAll(PATTERNS_PLACEHOLDERS.ORGANIZATION_ID, organization.id)
+        .replaceAll(PATTERNS_PLACEHOLDERS.ORGANIZATION_NAME, organization.name)
+        .replaceAll(PATTERNS_PLACEHOLDERS.RANDOM_DIGITS, () => Math.floor(Math.random() * 10000).toString());
+
+      const username = slugify(rawUsername);
+
+      logger.debug({ rawUsername, username, pattern, userId, organizationId }, 'Generated email address');
+
+      return { username };
+    },
+  };
+});

apps/papra-server/src/modules/intake-emails/username-drivers/random/random.intake-email-username-driver.ts

@@ -0,0 +1,18 @@
+import { generateId as generateHumanReadableId } from '@corentinth/friendly-ids';
+import { createLogger } from '../../../shared/logger/logger';
+import { defineIntakeEmailUsernameDriverFactory } from '../intake-email-username.models';
+
+export const RANDOM_INTAKE_EMAIL_ADDRESSES_DRIVER_NAME = 'random';
+
+export const randomIntakeEmailUsernameDriverFactory = defineIntakeEmailUsernameDriverFactory(({ logger = createLogger({ namespace: 'intake-emails.addresses-drivers.random' }) }) => {
+  return {
+    name: RANDOM_INTAKE_EMAIL_ADDRESSES_DRIVER_NAME,
+    generateIntakeEmailUsername: async () => {
+      const username = generateHumanReadableId();
+
+      logger.debug({ username }, 'Generated email address');
+
+      return { username };
+    },
+  };
+});

apps/papra-server/src/modules/shared/fs/fs.in-memory.ts

@@ -3,7 +3,7 @@ import type { FsNative } from './fs.services';
 import { memfs } from 'memfs';
 import { createFsServices } from './fs.services';
 
-export function createInMemoryFsServices(volume: NestedDirectoryJSON) {
+export function buildInMemoryFs(volume: NestedDirectoryJSON) {
   const { vol } = memfs(volume);
 
   const fs = {
@@ -12,7 +12,16 @@ export function createInMemoryFsServices(volume: NestedDirectoryJSON) {
   } as FsNative;
 
   return {
+    fs,
     getFsState: () => vol.toJSON(),
+  };
+}
+
+export function createInMemoryFsServices(volume: NestedDirectoryJSON) {
+  const { fs, getFsState } = buildInMemoryFs(volume);
+
+  return {
+    getFsState,
     fs: createFsServices({ fs }),
   };
 }

apps/papra-server/src/modules/shared/fs/fs.models.ts

@@ -0,0 +1,12 @@
+import { isNil, isString } from '../utils';
+
+export function isCrossDeviceError({ error }: { error: Error & { code?: unknown } }) {
+  if (isNil(error.code) || !isString(error.code)) {
+    return false;
+  }
+
+  return [
+    'EXDEV', // Linux based OS (see `man rename`)
+    'ERROR_NOT_SAME_DEVICE', // Windows
+  ].includes(error.code);
+}

apps/papra-server/src/modules/shared/fs/fs.services.test.ts

@@ -0,0 +1,45 @@
+import { describe, expect, test } from 'vitest';
+import { buildInMemoryFs } from './fs.in-memory';
+import { moveFile } from './fs.services';
+
+describe('fs services', () => {
+  describe('moveFile', () => {
+    test('moves a file from the source path to the destination path', async () => {
+      const { fs, getFsState } = buildInMemoryFs({
+        '/file.txt': 'test content',
+      });
+
+      await moveFile({
+        sourceFilePath: '/file.txt',
+        destinationFilePath: '/renamed.txt',
+        fs,
+      });
+
+      expect(getFsState()).to.eql({
+        '/renamed.txt': 'test content',
+      });
+    });
+
+    test('if the destination file is in a different partition or disk, or a different docker volume, the underlying rename operation fails with an EXDEV error, so we fallback to copy + delete the source file', async () => {
+      const { fs, getFsState } = buildInMemoryFs({
+        '/file.txt': 'test content',
+      });
+
+      await moveFile({
+        sourceFilePath: '/file.txt',
+        destinationFilePath: '/renamed.txt',
+        fs: {
+          ...fs,
+          rename: async () => {
+            // Simulate an EXDEV error
+            throw Object.assign(new Error('EXDEV'), { code: 'EXDEV' });
+          },
+        },
+      });
+
+      expect(getFsState()).to.eql({
+        '/renamed.txt': 'test content',
+      });
+    });
+  });
+});

apps/papra-server/src/modules/shared/fs/fs.services.ts

@@ -2,8 +2,9 @@ import type { Readable } from 'node:stream';
 import { Buffer } from 'node:buffer';
 import fsSyncNative from 'node:fs';
 import fsPromisesNative from 'node:fs/promises';
-import { injectArguments } from '@corentinth/chisels';
+import { injectArguments, safely } from '@corentinth/chisels';
 import { pick } from 'lodash-es';
+import { isCrossDeviceError } from './fs.models';
 
 // what we use from the native fs module
 export type FsNative = {
@@ -13,12 +14,13 @@ export type FsNative = {
   stat: (path: string) => Promise<{ size: number }>;
   readFile: (path: string) => Promise<Buffer>;
   access: (path: string, mode: number) => Promise<void>;
+  copyFile: (sourcePath: string, destinationPath: string) => Promise<void>;
   constants: { F_OK: number };
   createReadStream: (path: string) => Readable;
 };
 
 const fsNative = {
-  ...pick(fsPromisesNative, 'mkdir', 'unlink', 'rename', 'readFile', 'access', 'constants', 'stat'),
+  ...pick(fsPromisesNative, 'mkdir', 'unlink', 'rename', 'readFile', 'access', 'constants', 'stat', 'copyFile'),
   createReadStream: fsSyncNative.createReadStream.bind(fsSyncNative) as (filePath: string) => Readable,
 } as FsNative;
 
@@ -66,7 +68,19 @@ export async function deleteFile({ filePath, fs = fsNative }: { filePath: string
 }
 
 export async function moveFile({ sourceFilePath, destinationFilePath, fs = fsNative }: { sourceFilePath: string; destinationFilePath: string; fs?: FsNative }) {
-  await fs.rename(sourceFilePath, destinationFilePath);
+  const [, error] = await safely(fs.rename(sourceFilePath, destinationFilePath));
+
+  // With different docker volumes, the rename operation fails with an EXDEV error,
+  // so we fallback to copy and delete the source file
+  if (error && isCrossDeviceError({ error })) {
+    await fs.copyFile(sourceFilePath, destinationFilePath);
+    await fs.unlink(sourceFilePath);
+    return;
+  }
+
+  if (error) {
+    throw error;
+  }
 }
 
 export async function readFile({ filePath, fs = fsNative }: { filePath: string; fs?: FsNative }) {

apps/papra-server/src/modules/shared/headers/headers.models.ts

@@ -1,4 +1,5 @@
 import type { Context } from '../../app/server.types';
+import { isNil } from '../utils';
 
 export function getHeader({ context, name }: { context: Context; name: string }) {
   return context.req.header(name);
@@ -15,3 +16,13 @@ export function getImpersonatedUserIdFromHeader({ context }: { context: Context
 
   return { impersonatedUserId };
 }
+
+export function getContentLengthHeader({ headers }: { headers: Record<string, string> }): number | undefined {
+  const contentLengthHeaderValue = headers['content-length'] ?? headers['Content-Length'];
+
+  if (isNil(contentLengthHeaderValue)) {
+    return undefined;
+  }
+
+  return Number(contentLengthHeaderValue);
+}

apps/papra-server/src/modules/shared/streams/file-upload.test.ts

@@ -0,0 +1,51 @@
+import { describe, expect, test } from 'vitest';
+import { isContentLengthPessimisticallyTooLarge } from './file-upload';
+
+describe('file-upload', () => {
+  describe('isContentLengthPessimisticallyTooLarge', () => {
+    test(`a file upload request is considered pessimistically too large when 
+        - a content length header is present
+        - a max file size limit is provided
+        - the content length is greater than the max file size limit plus an over-estimated overhead due to the multipart form data (boundaries, metadata, etc)`, () => {
+      expect(
+        isContentLengthPessimisticallyTooLarge({
+          contentLength: 1_000,
+          maxFileSize: 1_000,
+          overhead: 512,
+        }),
+      ).to.eql(false);
+
+      expect(
+        isContentLengthPessimisticallyTooLarge({
+          contentLength: undefined,
+          maxFileSize: 1_000,
+          overhead: 512,
+        }),
+      ).to.eql(false);
+
+      expect(
+        isContentLengthPessimisticallyTooLarge({
+          contentLength: 1_000,
+          maxFileSize: undefined,
+          overhead: 512,
+        }),
+      ).to.eql(false);
+
+      expect(
+        isContentLengthPessimisticallyTooLarge({
+          contentLength: undefined,
+          maxFileSize: undefined,
+          overhead: 512,
+        }),
+      ).to.eql(false);
+
+      expect(
+        isContentLengthPessimisticallyTooLarge({
+          contentLength: 1_513,
+          maxFileSize: 1_000,
+          overhead: 512,
+        }),
+      ).to.eql(true);
+    });
+  });
+});

apps/papra-server/src/modules/shared/streams/file-upload.ts

@@ -1,18 +1,41 @@
 import type { Logger } from '../logger/logger';
 import { Readable } from 'node:stream';
 import createBusboy from 'busboy';
+import { MULTIPART_FORM_DATA_SINGLE_FILE_CONTENT_LENGTH_OVERHEAD } from '../../documents/documents.constants';
+import { createDocumentSizeTooLargeError } from '../../documents/documents.errors';
 import { createError } from '../errors/errors';
+import { getContentLengthHeader } from '../headers/headers.models';
 import { createLogger } from '../logger/logger';
+import { isNil } from '../utils';
+
+// Early check to avoid parsing the stream if the content length is set and too large
+export function isContentLengthPessimisticallyTooLarge({
+  contentLength,
+  maxFileSize,
+  overhead = MULTIPART_FORM_DATA_SINGLE_FILE_CONTENT_LENGTH_OVERHEAD,
+}: {
+  contentLength?: number;
+  maxFileSize?: number;
+  overhead?: number;
+}) {
+  if (isNil(contentLength) || isNil(maxFileSize)) {
+    return false;
+  }
+
+  return contentLength > maxFileSize + overhead;
+}
 
 export async function getFileStreamFromMultipartForm({
   body,
   headers,
   fieldName = 'file',
+  maxFileSize,
   logger = createLogger({ namespace: 'file-upload' }),
 }: {
   body: ReadableStream | null | undefined;
   headers: Record<string, string>;
   fieldName?: string;
+  maxFileSize?: number;
   logger?: Logger;
 }) {
   if (!body) {
@@ -23,12 +46,20 @@ export async function getFileStreamFromMultipartForm({
     });
   }
 
+  const contentLength = getContentLengthHeader({ headers });
+  if (isContentLengthPessimisticallyTooLarge({ contentLength, maxFileSize })) {
+    logger.debug({ contentLength, maxFileSize }, 'Content length is pessimistically too large');
+
+    throw createDocumentSizeTooLargeError();
+  }
+
   const { promise, resolve, reject } = Promise.withResolvers<{ fileStream: Readable; fileName: string; mimeType: string }>();
 
   const bb = createBusboy({
     headers,
     limits: {
       files: 1, // Only allow one file
+      fileSize: maxFileSize,
     },
   })
     .on('file', (formFieldname, fileStream, info) => {
@@ -44,6 +75,11 @@ export async function getFileStreamFromMultipartForm({
         }));
       }
 
+      fileStream.on('limit', () => {
+        logger.info({ contentLength, maxFileSize }, 'File stream limit reached');
+        fileStream.destroy(createDocumentSizeTooLargeError());
+      });
+
       resolve({
         fileStream,
         fileName: info.filename,

apps/papra-server/src/modules/shared/utils.test.ts

@@ -1,5 +1,5 @@
 import { describe, expect, test } from 'vitest';
-import { isDefined, isNil, omitUndefined } from './utils';
+import { isDefined, isNil, isNonEmptyString, isString, omitUndefined } from './utils';
 
 describe('utils', () => {
   describe('omitUndefined', () => {
@@ -47,4 +47,38 @@ describe('utils', () => {
       expect(isDefined({})).toBe(true);
     });
   });
+
+  describe('isString', () => {
+    test('returns true if the value is a string', () => {
+      expect(isString('')).toBe(true);
+      expect(isString('foo')).toBe(true);
+      expect(isString(String(1))).toBe(true);
+    });
+
+    test('returns false if the value is not a string', () => {
+      expect(isString(undefined)).toBe(false);
+      expect(isString(null)).toBe(false);
+      expect(isString(0)).toBe(false);
+      expect(isString(false)).toBe(false);
+      expect(isString({})).toBe(false);
+      expect(isString([])).toBe(false);
+    });
+  });
+
+  describe('isNonEmptyString', () => {
+    test('returns true if the value is a non-empty string', () => {
+      expect(isNonEmptyString('')).toBe(false);
+      expect(isNonEmptyString('foo')).toBe(true);
+      expect(isNonEmptyString(String(1))).toBe(true);
+    });
+
+    test('returns false if the value is not a non-empty string', () => {
+      expect(isNonEmptyString(undefined)).toBe(false);
+      expect(isNonEmptyString(null)).toBe(false);
+      expect(isNonEmptyString(0)).toBe(false);
+      expect(isNonEmptyString(false)).toBe(false);
+      expect(isNonEmptyString({})).toBe(false);
+      expect(isNonEmptyString([])).toBe(false);
+    });
+  });
 });

apps/papra-server/src/modules/shared/utils.ts

@@ -15,3 +15,11 @@ export function isNil(value: unknown): value is undefined | null {
 export function isDefined<T>(value: T): value is Exclude<T, undefined | null> {
   return !isNil(value);
 }
+
+export function isString(value: unknown): value is string {
+  return typeof value === 'string';
+}
+
+export function isNonEmptyString(value: unknown): value is string {
+  return isString(value) && value.length > 0;
+}

apps/papra-server/src/modules/subscriptions/subscriptions.models.ts

@@ -1,4 +1,4 @@
-import { isNil } from '../shared/utils';
+import { isNil, isNonEmptyString } from '../shared/utils';
 
 export function coerceStripeTimestampToDate(timestamp: number) {
   return new Date(timestamp * 1000);
@@ -9,5 +9,5 @@ export function isSignatureHeaderFormatValid(signature: string | undefined): sig
     return false;
   }
 
-  return typeof signature === 'string' && signature.length > 0;
+  return isNonEmptyString(signature);
 }

apps/papra-server/src/modules/tasks/drivers/libsql/libsql.tasks-driver.ts

@@ -0,0 +1,17 @@
+import type { TaskPersistenceConfig, TaskServiceDriverDefinition } from '../../tasks.types';
+import { createLibSqlDriver, setupSchema } from '@cadence-mq/driver-libsql';
+import { createClient } from '@libsql/client';
+
+export function createLibSqlTaskServiceDriver({ taskPersistenceConfig }: { taskPersistenceConfig: TaskPersistenceConfig }): TaskServiceDriverDefinition {
+  const { url, authToken, pollIntervalMs } = taskPersistenceConfig.drivers.libSql;
+
+  const client = createClient({ url, authToken });
+  const driver = createLibSqlDriver({ client, pollIntervalMs });
+
+  return {
+    driver,
+    initialize: async () => {
+      await setupSchema({ client });
+    },
+  };
+}

apps/papra-server/src/modules/tasks/drivers/memory/memory.tasks-driver.ts

@@ -0,0 +1,10 @@
+import type { TaskServiceDriverDefinition } from '../../tasks.types';
+import { createMemoryDriver } from '@cadence-mq/driver-memory';
+
+export function createMemoryTaskServiceDriver(): TaskServiceDriverDefinition {
+  const driver = createMemoryDriver();
+
+  return {
+    driver,
+  };
+}

apps/papra-server/src/modules/tasks/drivers/tasks-driver.constants.ts

@@ -0,0 +1,8 @@
+export const TASKS_DRIVER_NAMES = {
+  memory: 'memory',
+  libsql: 'libsql',
+} as const;
+
+export const tasksDriverNames = Object.keys(TASKS_DRIVER_NAMES);
+
+export type TasksDriverName = keyof typeof TASKS_DRIVER_NAMES;