public function LoginSecuritySoftBlockTest::testSoftBlocking in Login Security 2.x
Test soft blocking.
File
- tests/
src/ Functional/ LoginSecuritySoftBlockTest.php, line 60
Class
- LoginSecuritySoftBlockTest
- Test Login Security's soft blocking restrictions.
Namespace
Drupal\Tests\login_security\FunctionalCode
public function testSoftBlocking() {
// Allow 3 attempts to login before being soft-blocking is enforced.
$config = \Drupal::configFactory()
->getEditable('login_security.settings');
$config
->set('user_wrong_count', 0)
->save();
$config
->set('host_wrong_count', 2)
->save();
// Remove notices.
$config
->set('notice_attempts_available', 0)
->save();
$normal_user = $this
->drupalCreateUser();
$good_pass = $normal_user
->getPassword();
// Intentionally break the password to repeat invalid logins.
$new_pass = user_password();
$normal_user
->setPassword($new_pass);
// First try.
$this
->assertNoSoftBlocked($normal_user);
// Second try.
$this
->assertNoSoftBlocked($normal_user);
// Remove error messages display.
$config
->set('disable_core_login_error', 1)
->save();
// Third try, still valid without soft blocking.
$this
->assertNoSoftBlocked($normal_user);
// Restore error messages.
$config
->set('disable_core_login_error', 0)
->save();
// 4th attempt, the host is not allowed this time.
$this
->assertSoftBlocked($normal_user);
// Try a normal login because it should be locked out now.
$normal_user
->setPassword($good_pass);
$this
->assertSoftBlocked($normal_user);
}