mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-01-20 22:42:53 -05:00
Fixed broken spam prevention test (#10281)
* Fixed broken spam prevention test closes #10280 * Improved spam prevention test
This commit is contained in:
parent
7cce71d997
commit
43ce1f02c1
1 changed files with 12 additions and 7 deletions
|
@ -87,13 +87,18 @@ describe('Spam Prevention API', function () {
|
||||||
it('Ensure reset works: password grant type', function () {
|
it('Ensure reset works: password grant type', function () {
|
||||||
return executeRequests(userAllowedAttempts - 1, loginAttempt, owner.email, incorrectPassword)
|
return executeRequests(userAllowedAttempts - 1, loginAttempt, owner.email, incorrectPassword)
|
||||||
.then(() => loginAttempt(owner.email, correctPassword))
|
.then(() => loginAttempt(owner.email, correctPassword))
|
||||||
.then(() => {
|
// CASE: login in with bad credentials twice - which would
|
||||||
return db.knex('brute').select()
|
// take us over the limit if the block hasn't been reset
|
||||||
.then(function (rows) {
|
.then(() => loginAttempt(owner.email, incorrectPassword))
|
||||||
// if reset works, the key is deleted and only one key remains in the database
|
.then(() => loginAttempt(owner.email, incorrectPassword))
|
||||||
// the one key is the key for global block
|
.then((res) => {
|
||||||
rows.length.should.eql(1);
|
// CASE: the reset means that we should be able to attempt to log in again
|
||||||
});
|
// and not get a too many requests error
|
||||||
|
const error = res.body.errors[0];
|
||||||
|
should.exist(error.errorType);
|
||||||
|
res.statusCode.should.eql(422);
|
||||||
|
error.errorType.should.eql('ValidationError');
|
||||||
|
error.message.should.eql('Your password is incorrect.');
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
Loading…
Add table
Reference in a new issue