Sha256: d74e57530d34540f9c7d88140196c91081ce73e8354a6c79d888720f0a6ae7ef
Contents?: true
Size: 1.34 KB
Versions: 2
Compression:
Stored size: 1.34 KB
Contents
require 'spec_helper'
require 'support/features/feature_helpers'
feature 'visitor has consecutive bad logins' do
before do
# puts Authenticate.configuration.max_consecutive_bad_logins_allowed.inspect
# puts Authenticate.configuration.bad_login_lockout_period.inspect
@user = create(:user)
end
scenario 'less than max bad logins does not lock account' do
sign_in_with @user.email, 'badpassword'
sign_in_with @user.email, 'badpassword'
sign_in_with @user.email, @user.password
expect_user_to_be_signed_in
end
scenario 'exceeds max bad logins and locks account' do
sign_in_with @user.email, 'badpassword'
sign_in_with @user.email, 'badpassword'
sign_in_with @user.email, 'badpassword'
expect_locked_account
expect_lockout_time_to_be_displayed
expect_user_to_be_signed_out
end
scenario 'user locks account, waits for lock to expire, logs in successfully' do
sign_in_with @user.email, 'badpassword'
sign_in_with @user.email, 'badpassword'
sign_in_with @user.email, 'badpassword'
Timecop.travel 50.minutes do
sign_in_with @user.email, @user.password
expect_user_to_be_signed_in
end
end
end
def expect_locked_account
expect(page).to have_content 'Your account is locked'
end
def expect_lockout_time_to_be_displayed
expect(page).to have_content '10 minutes'
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| authenticate-0.3.1 | spec/features/brute_force_spec.rb |
| authenticate-0.3.0 | spec/features/brute_force_spec.rb |