public function LoginSecuritySoftBlockTest::testSoftBlocking in Login Security 7
Same name and namespace in other branches
- 6 login_security.test \LoginSecuritySoftBlockTest::testSoftBlocking()
Test soft blocking.
File
- ./
login_security.test, line 261 - Test the basic functions of the Login Security module.
Class
- LoginSecuritySoftBlockTest
- Test login_security soft blocks.
Code
public function testSoftBlocking() {
$login_attempts_limit = 3;
// Allow 3 attempts to login before being soft-blocking is enforced.
variable_set('login_security_user_wrong_count', 0);
variable_set('login_security_host_wrong_count', 2);
// Remove notices.
variable_set('login_security_notice_attempts_available', 0);
$normal_user = $this
->drupalCreateUser(array(
'access content',
));
$good_pass = $normal_user->pass_raw;
// Intentionally break the password to repeat invalid logins.
$normal_user->pass_raw = user_password();
$site_name = variable_get('site_name', 'drupal');
// drupalLogin() has assertions that we know will fail, so we must skip
// them with an alternate function.
$this
->drupalLoginLite($normal_user);
$this
->assertNoText("This host is not allowed to log in", t('Soft-blocked notice does not display.'));
$this
->assertNoText("The user {$normal_user->name} has been blocked due to failed login attempts.", t('User is not blocked.'));
$this
->assertFieldByName('form_id', 'user_login', t('Login form found.'));
// Second try.
$this
->drupalLoginLite($normal_user);
$this
->assertNoText("This host is not allowed to log in", t('Soft-blocked notice does not display.'));
$this
->assertNoText("The user {$normal_user->name} has been blocked due to failed login attempts.", t('User is not blocked.'));
$this
->assertFieldByName('form_id', 'user_login', t('Login form found.'));
$this
->assertFieldByName('op', 'Log in', t('Submit button found.'));
// Remove error messages.
variable_set('login_security_disable_core_login_error', 1);
// Third try, still valid without soft blocking.
$this
->drupalLoginLite($normal_user);
$this
->assertNoText("This host is not allowed to log in", t('Soft-block message does not display.'));
$this
->assertFieldByName('form_id', 'user_login', t('Login form found.'));
// Restore error messages.
variable_set('login_security_disable_core_login_error', 0);
// 4th attempt, the host is not allowed this time.
$this
->drupalLoginLite($normal_user);
$this
->assertText("This host is not allowed to log in", t('Soft-block message displays.'));
$this
->assertFieldByName('form_id', 'user_login', t('Login form found.'));
// Try a normal login because it should be locked out now.
$normal_user->pass_raw = $good_pass;
$this
->drupalLoginLite($normal_user);
$this
->assertText("This host is not allowed to log in", t('Soft-block message displays.'));
$this
->assertFieldByName('form_id', 'user_login', t('Login form found.'));
}