function UserLoginTest::testPerUserLoginFloodControl
Same name in other branches
- 9 core/modules/user/tests/src/Functional/UserLoginTest.php \Drupal\Tests\user\Functional\UserLoginTest::testPerUserLoginFloodControl()
- 8.9.x core/modules/user/tests/src/Functional/UserLoginTest.php \Drupal\Tests\user\Functional\UserLoginTest::testPerUserLoginFloodControl()
- 10 core/modules/user/tests/src/Functional/UserLoginTest.php \Drupal\Tests\user\Functional\UserLoginTest::testPerUserLoginFloodControl()
Tests the per-user login flood control.
File
-
core/
modules/ user/ tests/ src/ Functional/ UserLoginTest.php, line 97
Class
- UserLoginTest
- Ensure that login works as expected.
Namespace
Drupal\Tests\user\FunctionalCode
public function testPerUserLoginFloodControl() : void {
$this->config('user.flood')
->set('ip_limit', 4000)
->set('user_limit', 3)
->save();
$user1 = $this->drupalCreateUser([]);
$incorrect_user1 = clone $user1;
$incorrect_user1->passRaw .= 'incorrect';
$user2 = $this->drupalCreateUser([]);
// Try 2 failed logins.
for ($i = 0; $i < 2; $i++) {
$this->assertFailedLogin($incorrect_user1);
}
// We're not going to test resetting the password which should clear the
// flood table and allow the user to log in again.
$this->drupalLogin($user1);
$this->drupalLogout();
// Try 3 failed logins for user 1, they will not trigger flood control.
for ($i = 0; $i < 3; $i++) {
$this->assertFailedLogin($incorrect_user1);
}
// Try one successful attempt for user 2, it should not trigger any
// flood control.
$this->drupalLogin($user2);
$this->drupalLogout();
// Try one more attempt for user 1, it should be rejected, even if the
// correct password has been used.
$this->assertFailedLogin($user1, 'user');
$this->resetUserPassword($user1);
$this->drupalLogout();
// Try to log in as user 1, it should be successful.
$this->drupalLogin($user1);
$this->assertSession()
->responseContains('Member for');
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.