Mail mocking (#64)

* fix(auth): moved Redis code in authentication to common/redis.py

* feat(mock): created MockMail object, no longer need external mail servers

* feat(mock): patched register_verify_test

Author: hanyuone

backend/app.py

@@ -9,8 +9,8 @@
 from common.plugins import jwt, mail
 from database.database import db
 from routes.auth import auth
-from routes.puzzle import puzzle
 from routes.leaderboard import leaderboard
+from routes.puzzle import puzzle
 from routes.user import user
 
 
@@ -28,7 +28,7 @@ def handle_exception(error):
     return response
 
 
-def create_app():
+def create_app(config={}):
     app = Flask(__name__)
     CORS(app)
 
@@ -53,6 +53,9 @@ def create_app():
     app.config["MAIL_USE_TLS"] = True
     app.config["MAIL_USE_SSL"] = False
 
+    for key, value in config.items():
+        app.config[key] = value
+
     app.after_request(update_token)
 
     # Initialise plugins

backend/common/redis.py

@@ -10,6 +10,28 @@
 
 ## EMAIL VERIFICATION
 
+def add_verification(data, code):
+    # We use a pipeline here to ensure these instructions are atomic
+    pipeline = cache.pipeline()
+
+    pipeline.hset(f"register:{code}", mapping=data)
+    pipeline.expire(f"register:{code}", timedelta(hours=1))
+
+    pipeline.execute()
+
+def get_verification(code):
+    key = f"register:{code}"
+
+    if not cache.exists(key):
+        return None
+
+    result = {}
+
+    for key, value in cache.hgetall(key).items():
+        result[key.decode()] = value.decode()
+
+    return result
+
 ## LOCKOUT
 
 def register_incorrect(id):
@@ -46,5 +68,7 @@ def is_blocked(id):
     token = cache.get(f"block_{id}")
     return token is not None
 
+## GENERAL FUNCTIONS
+
 def clear_redis():
     cache.flushdb()

backend/models/user.py

@@ -7,7 +7,7 @@
 from itsdangerous import URLSafeTimedSerializer
 
 from common.exceptions import AuthError, InvalidError, RequestError
-from common.redis import cache
+from common.redis import add_verification, get_verification
 from database.user import add_user, email_exists, fetch_user, get_user_info, username_exists
 
 hasher = PasswordHasher(
@@ -64,31 +64,19 @@ def register(email, username, password):
             "password": hashed
         }
 
-        # We use a pipeline here to ensure these instructions are atomic
-        pipeline = cache.pipeline()
-
-        pipeline.hset(f"register:{code}", mapping=data)
-        pipeline.expire(f"register:{code}", timedelta(hours=1))
-
-        pipeline.execute()
+        add_verification(data, code)
 
         return code
 
     @staticmethod
-    def register_verify(token):
-        cache_key = f"register:{token}"
+    def register_verify(code):
+        result = get_verification(code)
 
-        if not cache.exists(cache_key):
+        if result is None:
             raise AuthError("Token expired or does not correspond to registering user")
 
-        result = cache.hgetall(cache_key)
-        stringified = {}
-        
-        for key, value in result.items():
-            stringified[key.decode()] = value.decode()
-
-        id = add_user(stringified["email"], stringified["username"], stringified["password"])
-        return User(id, stringified["email"], stringified["username"], stringified["password"])
+        id = add_user(result["email"], result["username"], result["password"])
+        return User(id, result["email"], result["username"], result["password"])
 
     @staticmethod
     def login(email, password):

backend/test/auth/register_test.py

@@ -1,11 +1,12 @@
-import email
 import os
-import poplib
 import requests
 
 # Imports for pytest
+from pytest_mock import mocker
+
 from test.helpers import clear_all, db_add_user
 from test.fixtures import app, client
+from test.mock.mock_mail import mailbox
 
 
 def register(json):
@@ -64,15 +65,13 @@ def test_duplicate_username(client):
     assert response.status_code == 400
 
 
-def test_success(client):
+def test_register_success(client, mocker):
+    mocker.patch("routes.auth.mail", mailbox)
+
     clear_all()
 
     # Check that we get an email sent
-    mailbox = poplib.POP3("pop3.mailtrap.io", 1100)
-    mailbox.user(os.environ["MAILTRAP_USERNAME"])
-    mailbox.pass_(os.environ["MAILTRAP_PASSWORD"])
-
-    (before, _) = mailbox.stat()
+    before = len(mailbox.messages)
 
     # Register normally
     response = client.post("/auth/register", json={
@@ -84,12 +83,11 @@ def test_success(client):
     assert response.status_code == 200
 
     # Check that an email was in fact sent
-    (after, _) = mailbox.stat()
+    after = len(mailbox.messages)
 
     assert after == before + 1
 
     # Verify recipient
-    raw_email = b"\n".join(mailbox.retr(1)[1])
-    parsed_email = email.message_from_bytes(raw_email)
+    parsed_email = mailbox.get_message(-1)
 
     assert parsed_email["To"] == "[email protected]"

backend/test/auth/register_verify_test.py

@@ -13,6 +13,7 @@
 import common
 from test.helpers import clear_all
 from test.fixtures import app, client
+from test.mock.mock_mail import mailbox
 
 ## HELPER FUNCTIONS
 
@@ -38,6 +39,8 @@ def test_invalid_token(client):
 # TODO: try working on this, if not feasible delete this test and test manually
 @pytest.mark.skip()
 def test_token_expired(client, mocker):
+    clear_all()
+    
     fake = fakeredis.FakeStrictRedis()
     mocker.patch.object(common.redis, "cache", return_value=fake)
 
@@ -79,7 +82,9 @@ def test_token_expired(client, mocker):
 
         assert response.status_code == 401
 
-def test_success(client):
+def test_verify_success(client, mocker):
+    mocker.patch("routes.auth.mail", mailbox)
+
     clear_all()
 
     register_response = client.post("/auth/register", json={
@@ -91,13 +96,7 @@ def test_success(client):
     assert register_response.status_code == 200
 
     # Check inbox
-    mailbox = poplib.POP3("pop3.mailtrap.io", 1100)
-    mailbox.user(os.environ["MAILTRAP_USERNAME"])
-    mailbox.pass_(os.environ["MAILTRAP_PASSWORD"])
-
-    # Check the contents of the email, and harvest the token from there
-    raw_email = b"\n".join(mailbox.retr(1)[1])
-    parsed_email = email.message_from_bytes(raw_email)
+    parsed_email = mailbox.get_message(-1)
 
     # Assuming there's a HTML part
     for part in parsed_email.walk():

backend/test/fixtures.py

@@ -1,12 +1,17 @@
+from app import create_app
+
 import pytest
+from pytest_mock import mocker
 
-from app import create_app
+from test.mock.mock_mail import mailbox
 
 @pytest.fixture()
-def app():
-    app = create_app()
-    app.config["TESTING"] = True
+def app(mocker):
+    # Mock only where the data is being used
+    mocker.patch("app.mail", mailbox)
+    mocker.patch("common.plugins.mail", mailbox)
 
+    app = create_app({"TESTING": True})
     yield app
 
 @pytest.fixture()

backend/test/helpers.py

@@ -4,6 +4,7 @@
 from database.puzzle import add_part, add_question, add_competition
 from models.user import User
 
+## DATABASE FUNCTIONS
 
 def db_add_competition(name):
     return add_competition(name)
@@ -24,6 +25,8 @@ def clear_all():
     # Clear database
     clear_database()
 
+## HEADER FUNCTIONS
+
 def get_cookie_from_header(response, cookie_name):
     cookie_headers = response.headers.getlist("Set-Cookie")
 
@@ -44,3 +47,8 @@ def get_cookie_from_header(response, cookie_name):
 def generate_csrf_header(response):
     csrf_token = get_cookie_from_header(response, "csrf_access_token")["csrf_access_token"]
     return {"X-CSRF-TOKEN": csrf_token}
+
+## EMAIL MOCKING
+
+def get_emails():
+    pass

backend/test/mock/mock_mail.py

@@ -0,0 +1,19 @@
+import email
+import flask_mail
+
+class MockMail:
+    def __init__(self):
+        self.ascii_attachments = False
+        self.messages = []
+
+    def init_app(self, app):
+        app.extensions = getattr(app, 'extensions', {})
+        app.extensions['mail'] = self
+
+    def send(self, message: flask_mail.Message):
+        self.messages.append(message.as_bytes())
+
+    def get_message(self, n):
+        return email.message_from_bytes(self.messages[n])
+
+mailbox = MockMail()