CuriousLearner
diff --git a/‎conftest.py‎
Lines changed: 22 additions & 2 deletions b/‎conftest.py‎
Lines changed: 22 additions & 2 deletions
diff --git a/‎phone_verify/backends/nexmo.py‎
Lines changed: 2 additions & 11 deletions b/‎phone_verify/backends/nexmo.py‎
Lines changed: 2 additions & 11 deletions
diff --git a/‎tests/test_api.py‎
Lines changed: 165 additions & 132 deletions b/‎tests/test_api.py‎
Lines changed: 165 additions & 132 deletions
@@ -6,14 +6,20 @@
 """
 
 # Standard Library
+import copy
 import functools
 
-import django
-
 # Third Party Stuff
 import pytest
+import django
 from django.conf import settings
 
+from tests import test_settings
+
+backends = {"twilio.TwilioBackend", "nexmo.NexmoBackend"}
+sandbox_backends = {"twilio.TwilioSandboxBackend", "nexmo.NexmoSandboxBackend"}
+all_backends = list(backends) + list(sandbox_backends)
+
 
 class PartialMethodCaller:
     def __init__(self, obj, **partial_params):
@@ -48,6 +54,20 @@ def json(self):
     return _Client()
 
 
+@pytest.fixture(params=all_backends)
+def backend(request):
+    phone_verification_settings = copy.deepcopy(
+        test_settings.DJANGO_SETTINGS.get("PHONE_VERIFICATION")
+    )
+    phone_verification_settings["BACKEND"] = f"phone_verify.backends.{request.param}"
+    if (
+        request.param == "nexmo.NexmoSandboxBackend"
+        or request.param == "nexmo.NexmoBackend"
+    ):
+        phone_verification_settings["OPTIONS"]["KEY"] = "fake"
+    return phone_verification_settings
+
+
 def pytest_configure():
     from tests import test_settings
 
 
@@ -10,7 +10,6 @@
 
 
 class NexmoBackend(BaseBackend):
-
     def __init__(self, **options):
         super().__init__(**options)
 
@@ -23,11 +22,7 @@ def __init__(self, **options):
         self.client = nexmo.Client(key=self._key, secret=self._secret)
 
     def send_sms(self, number, message):
-        self.client.send_message({
-            'from': self._from,
-            'to': number,
-            'text': message,
-        })
+        self.client.send_message({"from": self._from, "to": number, "text": message})
 
     def send_bulk_sms(self, numbers, message):
         for number in numbers:
@@ -47,11 +42,7 @@ def __init__(self, **options):
         self.client = nexmo.Client(key=self._key, secret=self._secret)
 
     def send_sms(self, number, message):
-        self.client.send_message({
-            'from': self._from,
-            'to': number,
-            'text': message,
-        })
+        self.client.send_message({"from": self._from, "to": number, "text": message})
 
     def send_bulk_sms(self, numbers, message):
         for number in numbers:
 
@@ -7,9 +7,10 @@
 
 import pytest
 from django.apps import apps
+from django.test import override_settings
 from django.urls import reverse
-
-from . import test_settings as settings
+from conftest import backends, sandbox_backends
+from .test_backends import _get_backend_cls
 from . import factories as f
 
 pytestmark = pytest.mark.django_db
@@ -19,7 +20,7 @@
 SESSION_TOKEN = "phone-auth-session-token"
 
 
-def test_phone_registration_sends_message(client, mocker):
+def test_phone_registration_sends_message(client, mocker, backend):
     url = reverse("phone-register")
     phone_number = PHONE_NUMBER
     data = {"phone_number": phone_number}
@@ -38,132 +39,164 @@ def test_phone_registration_sends_message(client, mocker):
     )
 
 
-def test_security_code_session_token_verification_api(client):
-    f.create_verification(
-        security_code=SECURITY_CODE,
-        phone_number=PHONE_NUMBER,
-        session_token=SESSION_TOKEN,
-    )
-    url = reverse("phone-verify")
-    data = {
-        "phone_number": PHONE_NUMBER,
-        "security_code": SECURITY_CODE,
-        "session_token": SESSION_TOKEN,
-    }
-    response = client.json.post(url, data=data)
-    assert response.status_code == 200
-    assert response.data["message"] == "Security code is valid."
-
-
-def test_phone_verification_with_incomplete_payload(client):
-    f.create_verification(
-        security_code=SECURITY_CODE,
-        phone_number=PHONE_NUMBER,
-        session_token=SESSION_TOKEN,
-    )
-    url = reverse("phone-verify")
-    data = {"phone_number": PHONE_NUMBER}
-    response = client.json.post(url, data=data)
-    assert response.status_code == 400
-    response_data = json.loads(json.dumps(response.data))
-    assert response_data["session_token"][0] == "This field is required."
-    assert response_data["security_code"][0] == "This field is required."
-
-    data = {"security_code": SECURITY_CODE}
-    response = client.json.post(url, data=data)
-    assert response.status_code == 400
-    response_data = json.loads(json.dumps(response.data))
-    assert response_data["phone_number"][0] == "This field is required."
-
-
-def test_phone_verification_with_incorrect_payload(client):
-    f.create_verification(
-        security_code=SECURITY_CODE,
-        phone_number=PHONE_NUMBER,
-        session_token=SESSION_TOKEN,
-    )
-    url = reverse("phone-verify")
-    # Payload with wrong session token
-    data = {
-        "phone_number": PHONE_NUMBER,
-        "security_code": SECURITY_CODE,
-        "session_token": "wrong-session-token",
-    }
-    response = client.json.post(url, data=data)
-    response_data = json.loads(json.dumps(response.data))
-    assert response.status_code == 400
-    assert response_data["non_field_errors"][0] == "Session Token mis-match"
-
-    # Payload with wrong security code
-    data = {
-        "phone_number": PHONE_NUMBER,
-        "security_code": "999999",
-        "session_token": SESSION_TOKEN,
-    }
-    response = client.json.post(url, data=data)
-    assert response.status_code == 400
-    response_data = json.loads(json.dumps(response.data))
-    assert response_data["non_field_errors"][0] == "Security code is not valid"
-
-    # Payload with incorrect phone_number
-    data = {
-        "phone_number": "+13478379632",
-        "security_code": SECURITY_CODE,
-        "session_token": SESSION_TOKEN,
-    }
-    response = client.json.post(url, data=data)
-    assert response.status_code == 400
-    response_data = json.loads(json.dumps(response.data))
-    assert response_data["non_field_errors"][0] == "Security code is not valid"
-
-
-def test_check_security_code_expiry(client):
-    f.create_verification(
-        security_code=SECURITY_CODE,
-        phone_number=PHONE_NUMBER,
-        session_token=SESSION_TOKEN,
-    )
-    time.sleep(2)
-    url = reverse("phone-verify")
-    data = {
-        "phone_number": PHONE_NUMBER,
-        "security_code": SECURITY_CODE,
-        "session_token": SESSION_TOKEN,
-    }
-    response = client.json.post(url, data=data)
-    assert response.status_code == 400
-    response_data = json.loads(json.dumps(response.data))
-    assert response_data["non_field_errors"][0] == "Security code has expired"
-
-
-def test_verified_security_code(client):
-    f.create_verification(
-        security_code=SECURITY_CODE,
-        phone_number=PHONE_NUMBER,
-        session_token=SESSION_TOKEN,
-        is_verified=True,
-    )
-    url = reverse("phone-verify")
-    data = {
-        "phone_number": PHONE_NUMBER,
-        "security_code": SECURITY_CODE,
-        "session_token": SESSION_TOKEN,
-    }
-
-    # Security code verification is restricted to one time
-    settings.DJANGO_SETTINGS["PHONE_VERIFICATION"][
-        "VERIFY_SECURITY_CODE_ONLY_ONCE"
-    ] = True
-    response = client.json.post(url, data=data)
-    response_data = json.loads(json.dumps(response.data))
-    assert response.status_code == 400
-    assert response_data["non_field_errors"][0] == "Security code is already verified"
-
-    # Security code verification is not restricted to one time
-    settings.DJANGO_SETTINGS["PHONE_VERIFICATION"][
-        "VERIFY_SECURITY_CODE_ONLY_ONCE"
-    ] = False
-    response = client.json.post(url, data=data)
-    response_data = json.loads(json.dumps(response.data))
-    assert response.status_code == 200
-    assert response.data["message"] == "Security code is valid."
+def test_security_code_session_token_verification_api(client, backend):
+    with override_settings(PHONE_VERIFICATION=backend):
+        f.create_verification(
+            security_code=SECURITY_CODE,
+            phone_number=PHONE_NUMBER,
+            session_token=SESSION_TOKEN,
+        )
+        url = reverse("phone-verify")
+        data = {
+            "phone_number": PHONE_NUMBER,
+            "security_code": SECURITY_CODE,
+            "session_token": SESSION_TOKEN,
+        }
+        response = client.json.post(url, data=data)
+        assert response.status_code == 200
+        assert response.data["message"] == "Security code is valid."
+
+
+def test_phone_verification_with_incomplete_payload(client, backend):
+    with override_settings(PHONE_VERIFICATION=backend):
+        f.create_verification(
+            security_code=SECURITY_CODE,
+            phone_number=PHONE_NUMBER,
+            session_token=SESSION_TOKEN,
+        )
+        url = reverse("phone-verify")
+        data = {"phone_number": PHONE_NUMBER}
+        response = client.json.post(url, data=data)
+        assert response.status_code == 400
+        response_data = json.loads(json.dumps(response.data))
+        assert response_data["session_token"][0] == "This field is required."
+        assert response_data["security_code"][0] == "This field is required."
+
+        data = {"security_code": SECURITY_CODE}
+        response = client.json.post(url, data=data)
+        assert response.status_code == 400
+        response_data = json.loads(json.dumps(response.data))
+        assert response_data["phone_number"][0] == "This field is required."
+
+
+def test_phone_verification_with_incorrect_payload(client, backend):
+    with override_settings(PHONE_VERIFICATION=backend):
+        f.create_verification(
+            security_code=SECURITY_CODE,
+            phone_number=PHONE_NUMBER,
+            session_token=SESSION_TOKEN,
+        )
+        url = reverse("phone-verify")
+        # Payload with wrong session token
+        data = {
+            "phone_number": PHONE_NUMBER,
+            "security_code": SECURITY_CODE,
+            "session_token": "wrong-session-token",
+        }
+        response = client.json.post(url, data=data)
+        response_data = json.loads(json.dumps(response.data))
+
+        backend_cls = _get_backend_cls(backend)
+
+        if backend_cls in backends:
+            assert response.status_code == 400
+            assert response_data["non_field_errors"][0] == "Session Token mis-match"
+        elif backend_cls in sandbox_backends:
+            # Sandbox Backend returns a 200 status code as it does not check the payload information
+            assert response.status_code == 200
+
+        # Payload with wrong security code
+        data = {
+            "phone_number": PHONE_NUMBER,
+            "security_code": "999999",
+            "session_token": SESSION_TOKEN,
+        }
+        response = client.json.post(url, data=data)
+        response_data = json.loads(json.dumps(response.data))
+        if backend_cls in backends:
+            assert response.status_code == 400
+            assert response_data["non_field_errors"][0] == "Security code is not valid"
+        elif backend_cls in sandbox_backends:
+            # Sandbox Backend returns a 200 status code as it does not check the payload information
+            assert response.status_code == 200
+
+        # Payload with incorrect phone_number
+        data = {
+            "phone_number": "+13478379632",
+            "security_code": SECURITY_CODE,
+            "session_token": SESSION_TOKEN,
+        }
+        response = client.json.post(url, data=data)
+        response_data = json.loads(json.dumps(response.data))
+        if backend_cls in backends:
+            assert response.status_code == 400
+            assert response_data["non_field_errors"][0] == "Security code is not valid"
+        elif backend_cls in sandbox_backends:
+            # Sandbox Backend returns a 200 status code as it does not check the payload information
+            assert response.status_code == 200
+
+
+def test_check_security_code_expiry(client, backend):
+    with override_settings(PHONE_VERIFICATION=backend):
+        f.create_verification(
+            security_code=SECURITY_CODE,
+            phone_number=PHONE_NUMBER,
+            session_token=SESSION_TOKEN,
+        )
+        time.sleep(2)
+        url = reverse("phone-verify")
+        data = {
+            "phone_number": PHONE_NUMBER,
+            "security_code": SECURITY_CODE,
+            "session_token": SESSION_TOKEN,
+        }
+        response = client.json.post(url, data=data)
+        response_data = json.loads(json.dumps(response.data))
+
+        backend_cls = _get_backend_cls(backend)
+
+        if backend_cls in backends:
+            assert response.status_code == 400
+            assert response_data["non_field_errors"][0] == "Security code has expired"
+        elif backend_cls in sandbox_backends:
+            # Sandbox Backend returns a 200 status code when verifying security code expiry
+            assert response.status_code == 200
+
+
+def test_verified_security_code(client, backend):
+    with override_settings(PHONE_VERIFICATION=backend):
+        f.create_verification(
+            security_code=SECURITY_CODE,
+            phone_number=PHONE_NUMBER,
+            session_token=SESSION_TOKEN,
+            is_verified=True,
+        )
+        url = reverse("phone-verify")
+        data = {
+            "phone_number": PHONE_NUMBER,
+            "security_code": SECURITY_CODE,
+            "session_token": SESSION_TOKEN,
+        }
+
+        backend_cls = _get_backend_cls(backend)
+
+        # Security code verification is restricted to one time
+        backend["VERIFY_SECURITY_CODE_ONLY_ONCE"] = True
+        response = client.json.post(url, data=data)
+        response_data = json.loads(json.dumps(response.data))
+        if backend_cls in backends:
+            assert response.status_code == 400
+            assert (
+                response_data["non_field_errors"][0]
+                == "Security code is already verified"
+            )
+        elif backend_cls in sandbox_backends:
+            # Sandbox Backend returns a 200 status code when verifying security code
+            assert response.status_code == 200
+
+        # Security code verification is not restricted to one time
+        backend["VERIFY_SECURITY_CODE_ONLY_ONCE"] = False
+        response = client.json.post(url, data=data)
+        response_data = json.loads(json.dumps(response.data))
+        assert response.status_code == 200
+        assert response.data["message"] == "Security code is valid."