Fix smtp auth check #10939
Fix smtp auth check #10939
Conversation
Fix: Implement mandatory authentication check for Custom SMTP configuration
📝 WalkthroughWalkthroughDefaults for SMTP credentials were added to environment configuration. The projects API now sets PHPMailer->SMTPAuth when both username and password are present and rethrows SMTP connection errors with the original message. docker-compose was updated to pass SMTP credentials into the maildev service. End-to-end tests and test fixtures were updated to read SMTP host/port/username/password from environment variables, to include an invalid-credentials failure assertion, and to adjust several expectations and counts accordingly. Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes
Pre-merge checks and finishing touches✅ Passed checks (5 passed)
✨ Finishing touches
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Security Scan Results for PRDocker Image Scan Results
Source Code Scan Results🎉 No vulnerabilities found! |
✨ Benchmark results
⚡ Benchmark Comparison
|
|
@copilot the latest CI tests (https://github.com/appwrite/appwrite/actions/runs/20157261474) are failing. Fix the tests. |
|
@stnguyen90 I've opened a new pull request, #10940, to work on those changes. Once the pull request is ready, I'll request review from you. |
There was a problem hiding this comment.
Actionable comments posted: 0
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
tests/e2e/Services/Projects/ProjectsConsoleClientTest.php (1)
260-277: Brittle assertions: hard-coded project totals/order will flake if test order/data changes.
These expectations (e.g.,total === 4,count === 5, and specific name ordering at offsets) implicitly depend on global state created by other tests and/or list ordering guarantees that may not hold across environments. Prefer making this test self-contained (create the projects it expects) or asserting relative changes (baseline + N), and avoid relying on ordering unless you explicitly order by a stable field.Suggested direction (illustrative): record baseline total before creating any projects in this test, then assert
baseline + createdCount, and useQuery::orderAsc('$id')(or another stable field) when asserting order.Also applies to: 351-353, 379-392, 405-407
🧹 Nitpick comments (2)
tests/e2e/Services/Projects/ProjectsConsoleClientTest.php (2)
621-687: SMTP update test: good coverage; make failure assertion less message-fragile + verify config unchanged after failure.
assertStringContainsStringIgnoringCase('Could not authenticate', ...)may vary by PHPMailer/SMTP server; consider asserting only the errortype(and maybe that message containsauthenticate) to reduce flakes.- After the invalid-credentials attempt returns 400, consider fetching
/projects/{id}again and asserting SMTP settings remain the previously-set valid config (guards against partial writes on failure).
621-625: Env-driven SMTP params: good; reduce duplication via a small helper/fixture.
The same_APP_SMTP_*env reads are repeated in multiple tests; extracting to a private helper (or reusing an existing fixture) will keep future SMTP changes localized.Also applies to: 696-700, 735-739, 772-776, 788-792
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (5)
.env(1 hunks)app/controllers/api/projects.php(4 hunks)docker-compose.yml(1 hunks)tests/e2e/Scopes/ProjectCustom.php(1 hunks)tests/e2e/Services/Projects/ProjectsConsoleClientTest.php(18 hunks)
🧰 Additional context used
🧬 Code graph analysis (2)
app/controllers/api/projects.php (1)
src/Appwrite/Extend/Exception.php (1)
Exception(7-472)
tests/e2e/Services/Projects/ProjectsConsoleClientTest.php (4)
tests/e2e/Scopes/ProjectCustom.php (1)
getProject(21-184)src/Appwrite/Event/Event.php (1)
getProject(153-156)tests/e2e/Scopes/Scope.php (1)
getProject(150-150)src/Appwrite/Extend/Exception.php (1)
Exception(7-472)
🪛 dotenv-linter (4.0.0)
.env
[warning] 72-72: [UnorderedKey] The _APP_SMTP_USERNAME key should go before the _APP_STORAGE_ANTIVIRUS key
(UnorderedKey)
[warning] 73-73: [UnorderedKey] The _APP_SMTP_PASSWORD key should go before the _APP_SMTP_PORT key
(UnorderedKey)
🔇 Additional comments (12)
docker-compose.yml (1)
1113-1115: LGTM - Maildev authentication configuration aligns with SMTP auth fix.Configuring
MAILDEV_INCOMING_USERandMAILDEV_INCOMING_PASSallows the development mail server to enforce authentication, enabling proper testing of the SMTP credential validation fix..env (1)
72-73: LGTM - Default SMTP credentials for development environment.Setting default values for
_APP_SMTP_USERNAMEand_APP_SMTP_PASSWORDcoordinates with the maildev container configuration and enables SMTP authentication testing. The static analysis warnings about key ordering can be safely ignored as alphabetical ordering is not a functional requirement for.envfiles.tests/e2e/Scopes/ProjectCustom.php (1)
164-166: LGTM - Environment-based SMTP configuration for tests.Using
System::getEnvwith fallback defaults provides flexibility while maintaining consistency with the.envdefaults. Theintval()wrapper for port is appropriate since environment variables are strings.app/controllers/api/projects.php (4)
2082-2082: Core fix correctly enables SMTP authentication validation.Setting
SMTPAuthbased on the presence of both username and password ensures credentials are actually validated duringSmtpConnect(). This addresses the root cause identified in issue #9067 where SMTP settings were being saved without validating authentication credentials.
2098-2098: Improved error message propagation.Passing the original exception message directly provides more specific and actionable error details (e.g., "SMTP Error: Could not authenticate" from PHPMailer) rather than a generic wrapper message.
297-297: Minor formatting adjustment - no functional change.
2669-2669: Minor formatting adjustment - no functional change.tests/e2e/Services/Projects/ProjectsConsoleClientTest.php (5)
25-28: Test grouping change looks fine; just ensure CI uses these groups consistently.
812-813: Updated default template subject expectation is consistent with the new baseline.
915-916: Auth duration assertion update looks correct given the project name in this flow.
3135-3136: Scope count assertions tightened; looks good.Also applies to: 3154-3155
5088-5090: Comment-only change ok.
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (1)
.env (1)
72-73: Fix alphabetical key ordering to pass dotenv-linter checks.The SMTP configuration keys need to be reordered alphabetically. According to static analysis hints,
_APP_SMTP_PASSWORDshould precede_APP_SMTP_PORT, and_APP_SMTP_USERNAMEshould follow_APP_SMTP_SECURE. This ordering aligns with the apparent alphabetical convention used in the file.Apply this reordering to the SMTP configuration block (lines 69–73):
_APP_SMTP_HOST=maildev +_APP_SMTP_PASSWORD=password _APP_SMTP_PORT=1025 _APP_SMTP_SECURE= -_APP_SMTP_USERNAME=user -_APP_SMTP_PASSWORD=password +_APP_SMTP_USERNAME=userThis ensures the keys follow alphabetical order: HOST → PASSWORD → PORT → SECURE → USERNAME.
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
.env(1 hunks)docker-compose.yml(1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
- docker-compose.yml
🧰 Additional context used
🪛 dotenv-linter (4.0.0)
.env
[warning] 72-72: [UnorderedKey] The _APP_SMTP_USERNAME key should go before the _APP_STORAGE_ANTIVIRUS key
(UnorderedKey)
[warning] 73-73: [UnorderedKey] The _APP_SMTP_PASSWORD key should go before the _APP_SMTP_PORT key
(UnorderedKey)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
- GitHub Check: Setup & Build Appwrite Image
- GitHub Check: Setup & Build Appwrite Image
- GitHub Check: scan
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (1)
.env (1)
72-73: Consider reordering SMTP keys for alphabetical consistency.The newly added
_APP_SMTP_USERNAMEand_APP_SMTP_PASSWORDkeys break alphabetical ordering within the SMTP configuration section. For consistency with project conventions, consider reordering them as_APP_SMTP_HOST,_APP_SMTP_PASSWORD,_APP_SMTP_PORT,_APP_SMTP_SECURE,_APP_SMTP_USERNAME.🔎 Proposed fix for alphabetical ordering
_APP_SMTP_HOST=maildev +_APP_SMTP_PASSWORD=password _APP_SMTP_PORT=1025 _APP_SMTP_SECURE= -_APP_SMTP_USERNAME=user -_APP_SMTP_PASSWORD=password +_APP_SMTP_USERNAME=user
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
.env(1 hunks)docker-compose.yml(1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
- docker-compose.yml
🧰 Additional context used
🪛 dotenv-linter (4.0.0)
.env
[warning] 72-72: [UnorderedKey] The _APP_SMTP_USERNAME key should go before the _APP_STORAGE_ANTIVIRUS key
(UnorderedKey)
[warning] 73-73: [UnorderedKey] The _APP_SMTP_PASSWORD key should go before the _APP_SMTP_PORT key
(UnorderedKey)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
- GitHub Check: Setup & Build Appwrite Image
- GitHub Check: scan
- GitHub Check: Setup & Build Appwrite Image
What does this PR do?
Set
$mail->SMTPAuthto true to ensure the update SMTP endpoint checks for successful authentication before saving.This PR also updates maildev to enable authentication so that the tests can actually test for success and failure.
Fixes #9067
Test Plan
Test cases added to test invalid SMTP credentials.
Related PRs and Issues
Checklist