Sha256: a3afc01e8dabfd8259118f671a2160104696fc0e89b0f17070becde753ec4ca1
Contents?: true
Size: 1.28 KB
Versions: 4
Compression:
Stored size: 1.28 KB
Contents
require 'spec_helper'
describe SorceryController, type: :controller do
let(:user) { double('user', id: 42, email: 'bla@bla.com') }
def request_test_login
get :test_login, params: { email: 'bla@bla.com', password: 'blabla' }
end
# ----------------- SESSION TIMEOUT -----------------------
describe 'brute force protection features' do
before(:all) do
sorcery_reload!([:brute_force_protection])
end
after(:each) do
Sorcery::Controller::Config.reset!
sorcery_controller_property_set(:user_class, User)
Timecop.return
end
it 'counts login retries' do
allow(User).to receive(:authenticate)
allow(User.sorcery_adapter).to receive(:find_by_credentials).with(['bla@bla.com', 'blabla']).and_return(user)
expect(user).to receive(:register_failed_login!).exactly(3).times
3.times { request_test_login }
end
it 'resets the counter on a good login' do
# dirty hack for rails 4
allow(@controller).to receive(:register_last_activity_time_to_db)
allow(User).to receive(:authenticate).and_return(user)
expect(user).to receive_message_chain(:sorcery_adapter, :update_attribute).with(:failed_logins_count, 0)
get :test_login, params: { email: 'bla@bla.com', password: 'secret' }
end
end
end
Version data entries
4 entries across 4 versions & 1 rubygems