Guest create page: name field autofocus

[bookstack] / tests / Auth / AuthTest.php

diff --git a/tests/Auth/AuthTest.php b/tests/Auth/AuthTest.php
index f0b473472e723db3fb4c9fa66d21157837a76379..3220b2aac72138c00a965093cd5d59e54d4c6ff5 100644 (file)
--- a/tests/Auth/AuthTest.php
+++ b/tests/Auth/AuthTest.php
@@ -3,7 +3,6 @@
 namespace Tests\Auth;
 
 use BookStack\Auth\Access\Mfa\MfaSession;
-use BookStack\Entities\Models\Page;
 use Illuminate\Testing\TestResponse;
 use Tests\TestCase;
 
@@ -58,8 +57,7 @@ class AuthTest extends TestCase
     public function test_login_redirects_to_initially_requested_url_correctly()
     {
         config()->set('app.url', 'http://localhost');
-        /** @var Page $page */
-        $page = Page::query()->first();
+        $page = $this->entities->page();
 
         $this->get($page->getUrl())->assertRedirect(url('/login'));
         $this->login('[email protected]', 'password')
@@ -133,6 +131,19 @@ class AuthTest extends TestCase
         $this->assertFalse(auth()->check());
     }
 
+    public function test_login_attempts_are_rate_limited()
+    {
+        for ($i = 0; $i < 5; $i++) {
+            $resp = $this->login('[email protected]', 'pw123');
+        }
+        $resp = $this->followRedirects($resp);
+        $resp->assertSee('These credentials do not match our records.');
+
+        // Check the fifth attempt provides a lockout response
+        $resp = $this->followRedirects($this->login('[email protected]', 'pw123'));
+        $resp->assertSee('Too many login attempts. Please try again in');
+    }
+
     /**
      * Perform a login.
      */