$this->assertFalse(auth()->check());
}
+ public function test_login_attempts_are_rate_limited()
+ {
+ for ($i = 0; $i < 5; $i++) {
+ }
+ $resp = $this->followRedirects($resp);
+ $resp->assertSee('These credentials do not match our records.');
+
+ // Check the fifth attempt provides a lockout response
+ $resp->assertSee('Too many login attempts. Please try again in');
+ }
+
/**
* Perform a login.
*/
class ResetPasswordTest extends TestCase
{
- public function test_reset_password_flow()
+ public function test_reset_flow()
{
Notification::fake();
$this->get('/')->assertSee('Your password has been successfully reset');
}
- public function test_reset_password_flow_shows_success_message_even_if_wrong_password_to_prevent_user_discovery()
+ public function test_reset_flow_shows_success_message_even_if_wrong_password_to_prevent_user_discovery()
{
$this->get('/password/email');
$resp = $this->followingRedirects()->post('/password/email', [
->assertSee('The password reset token is invalid for this email address.');
}
- public function test_reset_password_page_shows_sign_links()
+ public function test_reset_page_shows_sign_links()
{
$this->setSettings(['registration-enabled' => 'true']);
$resp = $this->get('/password/email');
->assertElementContains('a', 'Sign up');
}
- public function test_reset_password_request_is_throttled()
+ public function test_reset_request_is_throttled()
{
$editor = $this->getEditor();
Notification::fake();
projects / bookstack / commitdiff