function UserLoginTest::assertFailedLogin
Same name and namespace in other branches
- 9 core/modules/user/tests/src/Functional/UserLoginTest.php \Drupal\Tests\user\Functional\UserLoginTest::assertFailedLogin()
- 8.9.x core/modules/user/tests/src/Functional/UserLoginTest.php \Drupal\Tests\user\Functional\UserLoginTest::assertFailedLogin()
- 10 core/modules/user/tests/src/Functional/UserLoginTest.php \Drupal\Tests\user\Functional\UserLoginTest::assertFailedLogin()
Make an unsuccessful login attempt.
@internal
Parameters
\Drupal\user\Entity\User $account: A user object with name and passRaw attributes for the login attempt.
string $flood_trigger: (optional) Whether or not to expect that the flood control mechanism will be triggered. Defaults to NULL.
- Set to 'user' to expect a 'too many failed logins error.
- Set to any value to expect an error for too many failed logins per IP.
- Set to NULL to expect a failed login.
2 calls to UserLoginTest::assertFailedLogin()
- UserLoginTest::testGlobalLoginFloodControl in core/
modules/ user/ tests/ src/ Functional/ UserLoginTest.php - Tests the global login flood control.
- UserLoginTest::testPerUserLoginFloodControl in core/
modules/ user/ tests/ src/ Functional/ UserLoginTest.php - Tests the per-user login flood control.
File
-
core/
modules/ user/ tests/ src/ Functional/ UserLoginTest.php, line 288
Class
- UserLoginTest
- Ensure that login works as expected.
Namespace
Drupal\Tests\user\FunctionalCode
public function assertFailedLogin(User $account, ?string $flood_trigger = NULL) : void {
$database = \Drupal::database();
$edit = [
'name' => $account->getAccountName(),
'pass' => $account->passRaw,
];
$this->drupalGet('user/login');
$this->submitForm($edit, 'Log in');
if (isset($flood_trigger)) {
$this->assertSession()
->statusCodeEquals(403);
$this->assertSession()
->fieldNotExists('pass');
$last_log = $database->select('watchdog', 'w')
->fields('w', [
'message',
])
->condition('type', 'user')
->orderBy('wid', 'DESC')
->range(0, 1)
->execute()
->fetchField();
if ($flood_trigger == 'user') {
$this->assertSession()
->pageTextMatches("/There (has|have) been more than \\w+ failed login attempt.* for this account. It is temporarily blocked. Try again later or request a new password./");
$this->assertSession()
->elementExists('css', 'body.maintenance-page');
$this->assertSession()
->linkExists("request a new password");
$this->assertSession()
->linkByHrefExists(Url::fromRoute('user.pass')->toString());
$this->assertEquals('Flood control blocked login attempt for uid %uid from %ip', $last_log, 'A watchdog message was logged for the login attempt blocked by flood control per user.');
}
else {
// No uid, so the limit is IP-based.
$this->assertSession()
->pageTextContains("Too many failed login attempts from your IP address. This IP address is temporarily blocked. Try again later or request a new password.");
$this->assertSession()
->elementExists('css', 'body.maintenance-page');
$this->assertSession()
->linkExists("request a new password");
$this->assertSession()
->linkByHrefExists(Url::fromRoute('user.pass')->toString());
$this->assertEquals('Flood control blocked login attempt from %ip', $last_log, 'A watchdog message was logged for the login attempt blocked by flood control per IP.');
}
}
else {
$this->assertSession()
->statusCodeEquals(200);
$this->assertSession()
->fieldValueEquals('pass', '');
$this->assertSession()
->pageTextContains('Unrecognized username or password. Forgot your password?');
}
}Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.