Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-06 22:40:14 -05:00
Code Issues Activity

Fixed broken spam prevention test (#10281)

Browse source 
* Fixed broken spam prevention test

closes #10280

* Improved spam prevention test
This commit is contained in:
Fabien O'Carroll 2018-12-13 18:44:32 +07:00 committed by GitHub
parent 7cce71d997
commit 43ce1f02c1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
core/test/functional/api/v0.1/spam_prevention_spec.js
View file

@ -87,13 +87,18 @@ describe('Spam Prevention API', function () {
it('Ensure reset works: password grant type', function () { it('Ensure reset works: password grant type', function () {
return executeRequests(userAllowedAttempts - 1, loginAttempt, owner.email, incorrectPassword) return executeRequests(userAllowedAttempts - 1, loginAttempt, owner.email, incorrectPassword)
.then(() => loginAttempt(owner.email, correctPassword)) .then(() => loginAttempt(owner.email, correctPassword))
.then(() => { // CASE: login in with bad credentials twice - which would
return db.knex('brute').select() // take us over the limit if the block hasn't been reset
.then(function (rows) { .then(() => loginAttempt(owner.email, incorrectPassword))
// if reset works, the key is deleted and only one key remains in the database .then(() => loginAttempt(owner.email, incorrectPassword))
// the one key is the key for global block .then((res) => {
rows.length.should.eql(1); // CASE: the reset means that we should be able to attempt to log in again
}); // and not get a too many requests error
const error = res.body.errors[0];
should.exist(error.errorType);
res.statusCode.should.eql(422);
error.errorType.should.eql('ValidationError');
error.message.should.eql('Your password is incorrect.');
}); });
}); });
}); });