function UserPasswordResetTest::testUserResetPasswordIpFloodControl
Same name in other branches
- 9 core/modules/user/tests/src/Functional/UserPasswordResetTest.php \Drupal\Tests\user\Functional\UserPasswordResetTest::testUserResetPasswordIpFloodControl()
- 8.9.x core/modules/user/tests/src/Functional/UserPasswordResetTest.php \Drupal\Tests\user\Functional\UserPasswordResetTest::testUserResetPasswordIpFloodControl()
- 11.x core/modules/user/tests/src/Functional/UserPasswordResetTest.php \Drupal\Tests\user\Functional\UserPasswordResetTest::testUserResetPasswordIpFloodControl()
Tests password reset flood control for one IP.
File
-
core/
modules/ user/ tests/ src/ Functional/ UserPasswordResetTest.php, line 443
Class
- UserPasswordResetTest
- Ensure that password reset methods work as expected.
Namespace
Drupal\Tests\user\FunctionalCode
public function testUserResetPasswordIpFloodControl() : void {
\Drupal::configFactory()->getEditable('user.flood')
->set('ip_limit', 3)
->save();
// Try 3 requests that should not trigger flood control.
for ($i = 0; $i < 3; $i++) {
$this->drupalGet('user/password');
$random_name = $this->randomMachineName();
$edit = [
'name' => $random_name,
];
$this->submitForm($edit, 'Submit');
// Because we're testing with a random name, the password reset will not be valid.
$this->assertNoValidPasswordReset($random_name);
$this->assertNoPasswordIpFlood();
}
// The next request should trigger flood control.
$this->drupalGet('user/password');
$edit = [
'name' => $this->randomMachineName(),
];
$this->submitForm($edit, 'Submit');
$this->assertPasswordIpFlood();
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.