You are here

Home » API reference » Two-factor Authentication (TFA) 7 » tfa.test » TFATestCase

public function TFATestCase::testFloodControl in Two-factor Authentication (TFA) 7

Same name and namespace in other branches
  1. 7.2 tests/tfa.test \TfaTestCase::testFloodControl()

File

./tfa.test, line 41

Class

TFATestCase
Tests the functionality of the TFA module.

Code

public function testFloodControl() {

  // Set the TFA hourly flood threshold.
  $hourly_threshold = 3;
  variable_set('tfa_hourly_threshold', $hourly_threshold);
  $account = $this
    ->drupalCreateUser(array());
  $edit = array(
    'name' => $account->name,
    'pass' => $account->pass_raw,
  );
  $this
    ->drupalPost('user', $edit, t('Log in'));

  // Check that TFA process has begun.
  $this
    ->assertText($this
    ->interfaceStrings('sent'), 'The "TFA sent message" text appears');

  // Check TFA validation flood.
  $url_parts = explode('/', $this->url);
  $login_hash = array_pop($url_parts);
  $edit = array(
    'code' => $this
      ->randomName(),
  );
  $this
    ->drupalPost('system/tfa/' . $account->uid . '/' . $login_hash, $edit, t('Log in'));
  $this
    ->assertText($this
    ->interfaceStrings('invalid-code'), 'The "invalid code" text appears');

  // Hit flood limit.
  for ($i = 1; $i < $hourly_threshold; $i++) {
    $this
      ->drupalPost('system/tfa/' . $account->uid . '/' . $login_hash, $edit, t('Log in'));
  }
  $this
    ->drupalGet('system/tfa/' . $account->uid . '/' . $login_hash);

  // Unsure why this is necessary.
  $this
    ->assertText($this
    ->interfaceStrings('flood-validate'), 'The "TFA validate flood" text appears');

  // Check TFA send flood.
  $edit = array(
    'name' => $account->name,
    'pass' => $account->pass_raw,
  );
  for ($i = 0; $i < $hourly_threshold; $i++) {
    $this
      ->drupalPost('user', $edit, t('Log in'));
  }
  $this
    ->assertText($this
    ->interfaceStrings('flood-send'), 'The "TFA sent flood" text appears');
}