You are here

Home » API reference » hCaptcha 7 » hcaptcha.test » HCaptchaBasicTest

public function HCaptchaBasicTest::testHCaptchaOnLoginForm in hCaptcha 7

Testing the protection of the user login form.

File

./hcaptcha.test, line 92
Tests for hCaptcha module.

Class

HCaptchaBasicTest
@file Tests for hCaptcha module.

Code

public function testHCaptchaOnLoginForm() {
  global $language;
  $site_key = $this
    ->randomName(40);
  $secret_key = $this
    ->randomName(40);
  $hcaptcha = '<div class="h-captcha" data-sitekey="' . $site_key . '"></div>';

  // Test if login works.
  $this
    ->drupalLogin($this->normal_user);
  $this
    ->drupalLogout();
  $this
    ->drupalGet('user');
  $this
    ->assertNoRaw($hcaptcha, '[testHCaptchaOnLoginForm]: hCaptcha is not shown on form.');

  // Enable 'captcha/Math' CAPTCHA on login form.
  captcha_set_form_id_setting('user_login', 'captcha/Math');
  $this
    ->drupalGet('user');
  $this
    ->assertNoRaw($hcaptcha, '[testHCaptchaOnLoginForm]: hCaptcha is not shown on form.');

  // Enable 'hcaptcha/hCaptcha' on login form.
  captcha_set_form_id_setting('user_login', 'hcaptcha/hCaptcha');
  $result = captcha_get_form_id_setting('user_login');
  $this
    ->assertNotNull($result, 'A configuration has been found for CAPTCHA point: user_login', 'hCaptcha');
  $this
    ->assertEqual($result->module, 'hcaptcha', 'hCaptcha module configured for CAPTCHA point: user_login', 'hCaptcha');
  $this
    ->assertEqual($result->captcha_type, 'hCaptcha', 'hCaptcha type has been configured for CAPTCHA point: user_login', 'hCaptcha');

  // Check if a Math CAPTCHA is still shown on the login form. The site key
  // and security key have not yet configured for hCaptcha. The module need
  // to fall back to math captcha.
  $this
    ->drupalGet('user');
  $this
    ->assertRaw(t('Math question'), '[testHCaptchaOnLoginForm]: Math CAPTCHA is shown on form.');

  // Configure site key and security key to show hCaptcha and no fall back.
  variable_set('hcaptcha_site_key', $site_key);
  variable_set('hcaptcha_secret_key', $secret_key);

  // Check if there is a hCaptcha on the login form.
  $this
    ->drupalGet('user');
  $this
    ->assertRaw($hcaptcha, '[testHCaptchaOnLoginForm]: hCaptcha is shown on form.');
  $this
    ->assertRaw('<script src="https://hcaptcha.com/1/api.js?hl=' . $language->language . '" async="async" defer="defer"></script>', '[testHCaptchaOnLoginForm]: hCaptcha is shown on form.');

  // Check that data-size attribute does not exists.
  variable_set('hcaptcha_size', '');
  $this
    ->drupalGet('user');
  $element = $this
    ->xpath('//div[@class=:class and @data-size=:size]', array(
    ':class' => 'h-captcha',
    ':size' => 'small',
  ));
  $this
    ->assertFalse(!empty($element), 'Tag contains no data-size attribute.');

  // Check that data-size attribute exists.
  variable_set('hcaptcha_size', 'small');
  $this
    ->drupalGet('user');
  $element = $this
    ->xpath('//div[@class=:class and @data-size=:size]', array(
    ':class' => 'h-captcha',
    ':size' => 'small',
  ));
  $this
    ->assertTrue(!empty($element), 'Tag contains data-size attribute and value.');

  // Check that data-tabindex attribute does not exists.
  variable_set('hcaptcha_tabindex', 0);
  $this
    ->drupalGet('user');
  $element = $this
    ->xpath('//div[@class=:class and @data-tabindex=:index]', array(
    ':class' => 'h-captcha',
    ':index' => 0,
  ));
  $this
    ->assertFalse(!empty($element), 'Tag contains no data-tabindex attribute.');

  // Check that data-tabindex attribute exists.
  variable_set('hcaptcha_tabindex', 5);
  $this
    ->drupalGet('user');
  $element = $this
    ->xpath('//div[@class=:class and @data-tabindex=:index]', array(
    ':class' => 'h-captcha',
    ':index' => 5,
  ));
  $this
    ->assertTrue(!empty($element), 'Tag contains data-tabindex attribute and value.');

  // Try to log in, which should fail.
  $edit['name'] = $this->normal_user->name;
  $edit['pass'] = $this->normal_user->pass_raw;
  $edit['captcha_response'] = '?';
  $this
    ->drupalPost('user', $edit, t('Log in'));

  // Check for error message.
  $this
    ->assertText(t('The answer you entered for the CAPTCHA was not correct.'), 'CAPTCHA should block user login form', 'hCaptcha');

  // And make sure that user is not logged in: check for name and password
  // fields on ?q=user.
  $this
    ->drupalGet('user');
  $this
    ->assertField('name', t('Username field found.'), 'hCaptcha');
  $this
    ->assertField('pass', t('Password field found.'), 'hCaptcha');
}