public function UserLoginTest::testPerUserLoginFloodControl in farmOS 2.x
Test the per-user login flood control.
A duplicate of the core test except login using username.
It is important to test this since we are altering the UserLoginForm, which could potentially skip the flood validation.
See also
UserLoginTest::testPerUserLoginFloodControl()
File
- modules/
core/ login/ tests/ src/ Functional/ UserLoginTest.php, line 82
Class
- UserLoginTest
- Test using an email in the UserLoginForm.
Namespace
Drupal\Tests\farm_login\FunctionalCode
public function testPerUserLoginFloodControl() {
$this
->config('user.flood')
->set('ip_limit', 4000)
->set('user_limit', 3)
->save();
$user1 = $this
->drupalCreateUser([]);
$incorrect_user1 = clone $user1;
$incorrect_user1->passRaw .= 'incorrect';
$user2 = $this
->drupalCreateUser([]);
// Try 2 failed logins.
for ($i = 0; $i < 2; $i++) {
$this
->assertFailedLoginUsingEmail($incorrect_user1);
}
// A successful login will reset the per-user flood control count.
$this
->drupalLoginUsingEmail($user1);
$this
->drupalLogout();
// Try 3 failed logins for user 1, they will not trigger flood control.
for ($i = 0; $i < 3; $i++) {
$this
->assertFailedLoginUsingEmail($incorrect_user1);
}
// Try one successful attempt for user 2, it should not trigger any
// flood control.
$this
->drupalLoginUsingEmail($user2);
$this
->drupalLogout();
// Try one more attempt for user 1, it should be rejected, even if the
// correct password has been used.
$this
->assertFailedLoginUsingEmail($user1, 'user');
}