function UserPasswordResetTest::testUserResetPasswordIpFloodControl

Same name in other branches
  1. 8.9.x core/modules/user/tests/src/Functional/UserPasswordResetTest.php \Drupal\Tests\user\Functional\UserPasswordResetTest::testUserResetPasswordIpFloodControl()
  2. 10 core/modules/user/tests/src/Functional/UserPasswordResetTest.php \Drupal\Tests\user\Functional\UserPasswordResetTest::testUserResetPasswordIpFloodControl()
  3. 11.x core/modules/user/tests/src/Functional/UserPasswordResetTest.php \Drupal\Tests\user\Functional\UserPasswordResetTest::testUserResetPasswordIpFloodControl()

Tests password reset flood control for one IP.

File

core/modules/user/tests/src/Functional/UserPasswordResetTest.php, line 429

Class

UserPasswordResetTest
Ensure that password reset methods work as expected.

Namespace

Drupal\Tests\user\Functional

Code

public function testUserResetPasswordIpFloodControl() {
    \Drupal::configFactory()->getEditable('user.flood')
        ->set('ip_limit', 3)
        ->save();
    // Try 3 requests that should not trigger flood control.
    for ($i = 0; $i < 3; $i++) {
        $this->drupalGet('user/password');
        $random_name = $this->randomMachineName();
        $edit = [
            'name' => $random_name,
        ];
        $this->submitForm($edit, 'Submit');
        // Because we're testing with a random name, the password reset will not be valid.
        $this->assertNoValidPasswordReset($random_name);
        $this->assertNoPasswordIpFlood();
    }
    // The next request should trigger flood control.
    $this->drupalGet('user/password');
    $edit = [
        'name' => $this->randomMachineName(),
    ];
    $this->submitForm($edit, 'Submit');
    $this->assertPasswordIpFlood();
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.