$this->logActivity(ActivityType::AUTH_PASSWORD_RESET, $request->get('email'));
}
- if ($response === Password::RESET_LINK_SENT || $response === Password::INVALID_USER) {
+ if (in_array($response, [Password::RESET_LINK_SENT, Password::INVALID_USER, Password::RESET_THROTTLED])) {
$message = trans('auth.reset_password_sent', ['email' => $request->get('email')]);
$this->showSuccessNotification($message);
->assertElementContains('a', 'Sign up');
}
+ public function test_reset_password_request_is_throttled()
+ {
+ $editor = $this->getEditor();
+ Notification::fake();
+ $this->get('/password/email');
+ $this->followingRedirects()->post('/password/email', [
+ 'email' => $editor->email,
+ ]);
+
+ $resp = $this->followingRedirects()->post('/password/email', [
+ 'email' => $editor->email,
+ ]);
+ Notification::assertTimesSent(1, ResetPassword::class);
+ $resp->assertSee('A password reset link will be sent to ' . $editor->email . ' if that email address is found in the system.');
+ }
+
public function test_login_redirects_to_initially_requested_url_correctly()
{
config()->set('app.url', 'http://localhost');
projects / bookstack / commitdiff