Sha256: a3afc01e8dabfd8259118f671a2160104696fc0e89b0f17070becde753ec4ca1
Contents?: true
Size: 1.28 KB
Versions: 4
Compression:
Stored size: 1.28 KB
Contents
require 'spec_helper' describe SorceryController, type: :controller do let(:user) { double('user', id: 42, email: 'bla@bla.com') } def request_test_login get :test_login, params: { email: 'bla@bla.com', password: 'blabla' } end # ----------------- SESSION TIMEOUT ----------------------- describe 'brute force protection features' do before(:all) do sorcery_reload!([:brute_force_protection]) end after(:each) do Sorcery::Controller::Config.reset! sorcery_controller_property_set(:user_class, User) Timecop.return end it 'counts login retries' do allow(User).to receive(:authenticate) allow(User.sorcery_adapter).to receive(:find_by_credentials).with(['bla@bla.com', 'blabla']).and_return(user) expect(user).to receive(:register_failed_login!).exactly(3).times 3.times { request_test_login } end it 'resets the counter on a good login' do # dirty hack for rails 4 allow(@controller).to receive(:register_last_activity_time_to_db) allow(User).to receive(:authenticate).and_return(user) expect(user).to receive_message_chain(:sorcery_adapter, :update_attribute).with(:failed_logins_count, 0) get :test_login, params: { email: 'bla@bla.com', password: 'secret' } end end end
Version data entries
4 entries across 4 versions & 1 rubygems