Sha256: f5c5ecfe831f5e07285396dcb4cda5246a2ca8a51463636a49bd16c30a964c41

Contents?: true

Size: 1.33 KB

Versions: 13

Compression:

Stored size: 1.33 KB

Contents

require 'spec_helper'

describe SorceryController, type: :controller do
  let(:user) { double('user', id: 42, email: 'bla@bla.com') }

  def request_test_login
    get :test_login, params: { email: 'bla@bla.com', password: 'blabla' }
  end

  # ----------------- SESSION TIMEOUT -----------------------
  describe 'brute force protection features' do
    before(:all) do
      sorcery_reload!([:brute_force_protection])
    end

    after(:each) do
      Sorcery::Controller::Config.reset!
      sorcery_controller_property_set(:user_class, User)
      Timecop.return
    end

    it 'counts login retries' do
      allow(User).to receive(:authenticate) { |&block| block.call(nil, :other) }
      allow(User.sorcery_adapter).to receive(:find_by_credentials).with(['bla@bla.com', 'blabla']).and_return(user)

      expect(user).to receive(:register_failed_login!).exactly(3).times

      3.times { request_test_login }
    end

    it 'resets the counter on a good login' do
      # dirty hack for rails 4
      allow(@controller).to receive(:register_last_activity_time_to_db)

      allow(User).to receive(:authenticate) { |&block| block.call(user, nil) }
      expect(user).to receive_message_chain(:sorcery_adapter, :update_attribute).with(:failed_logins_count, 0)

      get :test_login, params: { email: 'bla@bla.com', password: 'secret' }
    end
  end
end

Version data entries

13 entries across 13 versions & 1 rubygems

Version Path
sorcery-0.17.0 spec/controllers/controller_brute_force_protection_spec.rb
sorcery-0.16.5 spec/controllers/controller_brute_force_protection_spec.rb
sorcery-0.16.4 spec/controllers/controller_brute_force_protection_spec.rb
sorcery-0.16.3 spec/controllers/controller_brute_force_protection_spec.rb
sorcery-0.16.2 spec/controllers/controller_brute_force_protection_spec.rb
sorcery-0.16.1 spec/controllers/controller_brute_force_protection_spec.rb
sorcery-0.15.1 spec/controllers/controller_brute_force_protection_spec.rb
sorcery-0.16.0 spec/controllers/controller_brute_force_protection_spec.rb
sorcery-0.15.0 spec/controllers/controller_brute_force_protection_spec.rb
sorcery-0.14.0 spec/controllers/controller_brute_force_protection_spec.rb
sorcery-0.13.0 spec/controllers/controller_brute_force_protection_spec.rb
sorcery-0.12.0 spec/controllers/controller_brute_force_protection_spec.rb
sorcery-0.11.0 spec/controllers/controller_brute_force_protection_spec.rb