author | Harrison Healey <harrisonmhealey@gmail.com> | 2016-07-12 10:52:43 -0400 |
---|---|---|
committer | Harrison Healey <harrisonmhealey@gmail.com> | 2016-07-12 10:52:43 -0400 |
commit | 954e251188621563b3b10218f4072cc358149e84 (patch) | |
tree | 0fa41b4ecc7dcd5e9e73062ad6ebc7edd5343da0 /api/user_test.go | |
parent | ad343a0f4ad175053f7d0da12a0587bcbb396d1c (diff) | |
parent | c377605906fc7eeb9dcaf75e66732efd3b4fe7fc (diff) | |
Merged release-3.2 into master
Diffstat (limited to 'api/user_test.go')
-rw-r--r-- | api/user_test.go | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/api/user_test.go b/api/user_test.go
index 12390135e..5fc0a99dc 100644
--- a/api/user_test.go
+++ b/api/user_test.go
@@ -249,6 +249,42 @@ func TestLoginWithDeviceId(t *testing.T) {
 }
 }
+func TestPasswordGuessLockout(t *testing.T) {
+ th := Setup().InitBasic()
+ Client := th.BasicClient
+ user := th.BasicUser
+ Client.Must(Client.Logout())
+
+ enableSignInWithEmail := *utils.Cfg.EmailSettings.EnableSignInWithEmail
+ passwordAttempts := utils.Cfg.ServiceSettings.MaximumLoginAttempts
+ defer func() {
+ *utils.Cfg.EmailSettings.EnableSignInWithEmail = enableSignInWithEmail
+ utils.Cfg.ServiceSettings.MaximumLoginAttempts = passwordAttempts
+ }()
+ *utils.Cfg.EmailSettings.EnableSignInWithEmail = true
+ utils.Cfg.ServiceSettings.MaximumLoginAttempts = 2
+
+ // OK to log in
+ if _, err := Client.Login(user.Username, user.Password); err != nil {
+ t.Fatal(err)
+ }
+
+ Client.Must(Client.Logout())
+
+ // Fail twice
+ if _, err := Client.Login(user.Email, "notthepassword"); err == nil {
+ t.Fatal("Shouldn't be able to login with bad password.")
+ }
+ if _, err := Client.Login(user.Email, "notthepassword"); err == nil {
+ t.Fatal("Shouldn't be able to login with bad password.")
+ }
+
+ // Locked out
+ if _, err := Client.Login(user.Email, user.Password); err == nil {
+ t.Fatal("Shouldn't be able to login with password when account is locked out.")
+ }
+}
+
 func TestSessions(t *testing.T) {
 th := Setup().InitBasic()
 Client := th.BasicClient
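Review bot: The final "Locked out" check in TestPasswordGuessLockout only asserts that `err` is non-nil, so it passes for any login failure and not specifically for the lockout; a broken email sign-in path would leave the test green. The same applies to the third `UpdateUserPassword` call added to TestUserUpdatePassword in the second hunk. Assert on the error's identity as well, for example `} else if err.Id != lockoutErrID {` where `lockoutErrID` is a placeholder for whatever id the lockout path returns (this assumes the client error exposes an `Id`). It would also help to pin the threshold: with `MaximumLoginAttempts = 2`, nothing here shows that the correct password is still accepted after a single failed attempt.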
@@ -746,6 +782,26 @@ func TestUserUpdatePassword(t *testing.T) {
 t.Fatal(err)
 }
+ // Test lockout
+ passwordAttempts := utils.Cfg.ServiceSettings.MaximumLoginAttempts
+ defer func() {
+ utils.Cfg.ServiceSettings.MaximumLoginAttempts = passwordAttempts
+ }()
+ utils.Cfg.ServiceSettings.MaximumLoginAttempts = 2
+
+ // Fail twice
+ if _, err := Client.UpdateUserPassword(user.Id, "badpwd", "newpwd"); err == nil {
+ t.Fatal("Should have errored")
+ }
+ if _, err := Client.UpdateUserPassword(user.Id, "badpwd", "newpwd"); err == nil {
+ t.Fatal("Should have errored")
+ }
+
+ // Should fail because account is locked out
+ if _, err := Client.UpdateUserPassword(user.Id, "newpwd1", "newpwd2"); err == nil {
+ t.Fatal("Should have errored")
+ }
+
 user2 := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"}
 user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User)
 LinkUserToTeam(user2, team) |
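Review bot: The third `UpdateUserPassword` call passes "newpwd1" as the current password, and the hunk does not show that this is the account's password at that point; if it is not, the call fails on a wrong password and the lockout is never what is being tested. Use the password the account actually holds after the earlier successful update (outside the hunk), so that only the attempt counter can cause the failure. All three checks also share the message "Should have errored"; distinct messages such as `t.Fatal("Should have errored: account locked out")` would make a failure attributable. The deferred restore runs only when TestUserUpdatePassword returns, so the rest of the function, which continues past the hunk, runs with the limit still at 2.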