public function TfaTestCase::testFloodControl in Two-factor Authentication (TFA) 7.2
Same name and namespace in other branches
- 7 tfa.test \TFATestCase::testFloodControl()
Test flood control.
File
- tests/
tfa.test, line 120 - Drupal test cases for TFA.
Class
- TfaTestCase
- Tests the functionality of the TFA module.
Code
public function testFloodControl() {
// Enable test plugin.
variable_set('tfa_validate_plugin', 'tfa_test_send');
// Set the TFA hourly flood threshold.
$hourly_threshold = 3;
variable_set('tfa_user_threshold', $hourly_threshold);
$account = $this->web_user;
$edit = array(
'name' => $account->name,
'pass' => $account->pass_raw,
);
$this
->drupalPost('user/login', $edit, 'Log in');
// Check TFA validation flood.
$url_parts = explode('/', $this->url);
$login_hash = array_pop($url_parts);
$edit = array(
'code' => $this
->randomName(),
);
$this
->drupalPost('system/tfa/' . $account->uid . '/' . $login_hash, $edit, 'Submit');
$this
->assertText('Invalid sent code', 'Error message appears for random code');
$this
->assertIdentical(variable_get('tfa_test_flood_hit', ''), '', 'TFA flood hit hooks not yet invoked');
// Hit flood limit.
for ($i = 1; $i < $hourly_threshold; $i++) {
$this
->drupalPost('system/tfa/' . $account->uid . '/' . $login_hash, $edit, 'Submit');
}
// Not sure why this is necessary.
$this
->drupalGet('system/tfa/' . $account->uid . '/' . $login_hash);
$this
->assertText($this
->uiStrings('flood-validate'), 'The validation flood text appears');
variable_set('tfa_begin_threshold', 2);
// Check process begin flood.
$edit = array(
'name' => $account->name,
'pass' => $account->pass_raw,
);
$this
->drupalPost('user/login', $edit, 'Log in');
$this
->assertText($this
->uiStrings('flood-begin'), 'The begin flood text appears');
// Assert that hook_tfa_flood_hit() was invoked.
$this
->assertIdentical(variable_get('tfa_test_flood_hit', ''), $account->uid, 'TFA flood hit hooks invoked');
}