function BasicAuthTest::testPerUserLoginFloodControl
Same name in other branches
- 8.9.x core/modules/basic_auth/tests/src/Functional/BasicAuthTest.php \Drupal\Tests\basic_auth\Functional\BasicAuthTest::testPerUserLoginFloodControl()
- 10 core/modules/basic_auth/tests/src/Functional/BasicAuthTest.php \Drupal\Tests\basic_auth\Functional\BasicAuthTest::testPerUserLoginFloodControl()
- 11.x core/modules/basic_auth/tests/src/Functional/BasicAuthTest.php \Drupal\Tests\basic_auth\Functional\BasicAuthTest::testPerUserLoginFloodControl()
Tests the per-user login flood control.
File
-
core/
modules/ basic_auth/ tests/ src/ Functional/ BasicAuthTest.php, line 121
Class
- BasicAuthTest
- Tests for BasicAuth authentication provider.
Namespace
Drupal\Tests\basic_auth\FunctionalCode
public function testPerUserLoginFloodControl() {
$this->config('user.flood')
->set('ip_limit', 4000)
->set('user_limit', 2)
->save();
$user = $this->drupalCreateUser([]);
$incorrect_user = clone $user;
$incorrect_user->pass_raw .= 'incorrect';
$user2 = $this->drupalCreateUser([]);
$url = Url::fromRoute('router_test.11');
// Try a failed login.
$this->basicAuthGet($url, $incorrect_user->getAccountName(), $incorrect_user->pass_raw);
// A successful login will reset the per-user flood control count.
$this->basicAuthGet($url, $user->getAccountName(), $user->pass_raw);
$this->assertSession()
->statusCodeEquals(200);
// Try 2 failed logins for a user. They will trigger flood control.
for ($i = 0; $i < 2; $i++) {
$this->basicAuthGet($url, $incorrect_user->getAccountName(), $incorrect_user->pass_raw);
}
// Now the user account is blocked.
$this->basicAuthGet($url, $user->getAccountName(), $user->pass_raw);
$this->assertSession()
->statusCodeEquals(403);
// Try one successful attempt for a different user, it should not trigger
// any flood control.
$this->basicAuthGet($url, $user2->getAccountName(), $user2->pass_raw);
$this->assertSession()
->statusCodeEquals(200);
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.