public function UserPasswordResetTest::testUserResetPasswordUserFloodControlIsCleared in Drupal 10
Same name and namespace in other branches
- 8 core/modules/user/tests/src/Functional/UserPasswordResetTest.php \Drupal\Tests\user\Functional\UserPasswordResetTest::testUserResetPasswordUserFloodControlIsCleared()
- 9 core/modules/user/tests/src/Functional/UserPasswordResetTest.php \Drupal\Tests\user\Functional\UserPasswordResetTest::testUserResetPasswordUserFloodControlIsCleared()
Tests user password reset flood control is cleared on successful reset.
File
- core/
modules/ user/ tests/ src/ Functional/ UserPasswordResetTest.php, line 450
Class
- UserPasswordResetTest
- Ensure that password reset methods work as expected.
Namespace
Drupal\Tests\user\FunctionalCode
public function testUserResetPasswordUserFloodControlIsCleared() {
\Drupal::configFactory()
->getEditable('user.flood')
->set('user_limit', 3)
->save();
$edit = [
'name' => $this->account
->getAccountName(),
];
// Count email messages before to compare with after.
$before = count($this
->drupalGetMails([
'id' => 'user_password_reset',
]));
// Try 3 requests that should not trigger flood control.
for ($i = 0; $i < 3; $i++) {
$this
->drupalGet('user/password');
$this
->submitForm($edit, 'Submit');
$this
->assertValidPasswordReset($edit['name']);
}
// Ensure 3 emails were sent.
$this
->assertCount($before + 3, $this
->drupalGetMails([
'id' => 'user_password_reset',
]), '3 emails sent without triggering flood control.');
// Use the last password reset URL which was generated.
$reset_url = $this
->getResetURL();
$this
->drupalGet($reset_url . '/login');
$this
->assertSession()
->linkExists('Log out');
$this
->assertSession()
->titleEquals($this->account
->getAccountName() . ' | Drupal');
$this
->drupalLogout();
// The next request should *not* trigger flood control, since a successful
// password reset should have cleared flood events for this user.
$this
->drupalGet('user/password');
$this
->submitForm($edit, 'Submit');
$this
->assertValidPasswordReset($edit['name']);
// Ensure another email was sent.
$this
->assertCount($before + 4, $this
->drupalGetMails([
'id' => 'user_password_reset',
]), 'Another email was sent after clearing flood control.');
}