mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-10-01 05:36:00 +00:00
Added login throttling test, updated reset-pw test method names
This commit is contained in:
parent
90b4257889
commit
5c5ea64228
@ -133,6 +133,19 @@ class AuthTest extends TestCase
|
||||
$this->assertFalse(auth()->check());
|
||||
}
|
||||
|
||||
public function test_login_attempts_are_rate_limited()
|
||||
{
|
||||
for ($i = 0; $i < 5; $i++) {
|
||||
$resp = $this->login('bennynotexisting@example.com', 'pw123');
|
||||
}
|
||||
$resp = $this->followRedirects($resp);
|
||||
$resp->assertSee('These credentials do not match our records.');
|
||||
|
||||
// Check the fifth attempt provides a lockout response
|
||||
$resp = $this->followRedirects($this->login('bennynotexisting@example.com', 'pw123'));
|
||||
$resp->assertSee('Too many login attempts. Please try again in');
|
||||
}
|
||||
|
||||
/**
|
||||
* Perform a login.
|
||||
*/
|
||||
|
@ -9,7 +9,7 @@ use Tests\TestCase;
|
||||
|
||||
class ResetPasswordTest extends TestCase
|
||||
{
|
||||
public function test_reset_password_flow()
|
||||
public function test_reset_flow()
|
||||
{
|
||||
Notification::fake();
|
||||
|
||||
@ -52,7 +52,7 @@ class ResetPasswordTest extends TestCase
|
||||
$this->get('/')->assertSee('Your password has been successfully reset');
|
||||
}
|
||||
|
||||
public function test_reset_password_flow_shows_success_message_even_if_wrong_password_to_prevent_user_discovery()
|
||||
public function test_reset_flow_shows_success_message_even_if_wrong_password_to_prevent_user_discovery()
|
||||
{
|
||||
$this->get('/password/email');
|
||||
$resp = $this->followingRedirects()->post('/password/email', [
|
||||
@ -75,7 +75,7 @@ class ResetPasswordTest extends TestCase
|
||||
->assertSee('The password reset token is invalid for this email address.');
|
||||
}
|
||||
|
||||
public function test_reset_password_page_shows_sign_links()
|
||||
public function test_reset_page_shows_sign_links()
|
||||
{
|
||||
$this->setSettings(['registration-enabled' => 'true']);
|
||||
$resp = $this->get('/password/email');
|
||||
@ -83,7 +83,7 @@ class ResetPasswordTest extends TestCase
|
||||
->assertElementContains('a', 'Sign up');
|
||||
}
|
||||
|
||||
public function test_reset_password_request_is_throttled()
|
||||
public function test_reset_request_is_throttled()
|
||||
{
|
||||
$editor = $this->getEditor();
|
||||
Notification::fake();
|
||||
|
Loading…
Reference in New Issue
Block a user