public function AutoLoginUrlTest::testAluFloodCheck in Auto Login URL 2.x
Same name and namespace in other branches
- 8 src/Tests/AutoLoginUrlTest.php \Drupal\auto_login_url\Tests\AutoLoginUrlTest::testAluFloodCheck()
Test flood.
File
- src/
Tests/ AutoLoginUrlTest.php, line 111
Class
- AutoLoginUrlTest
- AutoLoginUrlTestCase Class.
Namespace
Drupal\auto_login_url\TestsCode
public function testAluFloodCheck() {
// Set failed attempts to 5 for easier testing.
$flood_config = $this
->config('user.flood');
$flood_config
->set('ip_limit', 5)
->save();
// Create user.
$user = $this
->createUser([
'use auto login url',
]);
// Access 10 false URLs. Essentially triggering flood.
for ($i = 1; $i < 6; $i++) {
$this
->drupalGet('autologinurl/' . $i . '/some-token' . $i);
$this
->assertResponse(403, t('Got access denied page.'));
}
// Generate actual auto login url for this user.
$url = auto_login_url_create($user
->get('uid')->value, 'user/' . $user
->get('uid')->value);
// Access url.
$this
->drupalGet($url);
// Make assertions.
$this
->assertResponse(403, t('Got access denied page.'));
$this
->assertText(t('Sorry, too many failed login attempts from your IP address. This IP address is temporarily blocked. Try again later.'), t('Cannot login message visible.'));
// Clear flood table. I am using sql instead of the flood interface
// (\Drupal::flood()->clear('user.failed_login_ip');) because it does not
// seem to work. But it is not a problem at this point since we know the
// flood records will be on DB anyway.
$connection = \Drupal::database();
$connection
->truncate('flood')
->execute();
// Try to login again.
$this
->drupalGet($url);
$this
->assertResponse(200, t('User logged in successfully.'));
$this
->assertText($user
->get('name')->value, t('User name is visible, hence user is logged in.'));
}