function LoginSecuritySoftBlockTest::testSoftBlocking in Login Security 6
Same name and namespace in other branches
- 7 login_security.test \LoginSecuritySoftBlockTest::testSoftBlocking()
File
- ./
login_security.test, line 203 - Test the basic functions of the Login Security module.
Class
Code
function testSoftBlocking() {
$login_attempts_limit = 3;
// allow 3 attempts to login before being soft-blocking is enforced
variable_set('login_security_user_wrong_count', 0);
variable_set('login_security_host_wrong_count', 2);
// remove notices
variable_set('login_security_notice_attempts_available', 0);
$normal_user = $this
->drupalCreateUser(array(
'access content',
));
$good_pass = $normal_user->pass_raw;
// intentionally break the password to repeat invalid logins
$normal_user->pass_raw = user_password();
$site_name = variable_get('site_name', 'drupal');
// drupalLogin() has assertions that we know will fail, so we must skip them with an alternate function
$this
->drupalLoginLite($normal_user);
$this
->assertNoText("This host is not allowed to log in", t('Soft-blocked notice does not display.'));
$this
->assertNoText("The user {$normal_user->name} has been blocked due to failed login attempts.", t('User is not blocked.'));
$this
->assertFieldByName('form_id', 'user_login', t('Login form found.'));
// Second try
$this
->drupalLoginLite($normal_user);
$this
->assertNoText("This host is not allowed to log in", t('Soft-blocked notice does not display.'));
$this
->assertNoText("The user {$normal_user->name} has been blocked due to failed login attempts.", t('User is not blocked.'));
$this
->assertFieldByName('form_id', 'user_login', t('Login form found.'));
$this
->assertFieldByName('op', 'Log in', t('Submit button found.'));
// remove error messages
variable_set('login_security_disable_core_login_error', 1);
// Third try, still valid without soft blocking
$this
->drupalLoginLite($normal_user);
$this
->assertNoText("This host is not allowed to log in", t('Soft-block message does not display.'));
$this
->assertFieldByName('form_id', 'user_login', t('Login form found.'));
// restore error messages
variable_set('login_security_disable_core_login_error', 0);
// 4th attempt, the host is not allowed this time
$this
->drupalLoginLite($normal_user);
$this
->assertText("This host is not allowed to log in", t('Soft-block message displays.'));
$this
->assertFieldByName('form_id', 'user_login', t('Login form found.'));
// try a normal login because it should be locked out now
$normal_user->pass_raw = $good_pass;
$this
->drupalLoginLite($normal_user);
$this
->assertText("This host is not allowed to log in", t('Soft-block message displays.'));
$this
->assertFieldByName('form_id', 'user_login', t('Login form found.'));
}