function UserLoginTestCase::assertFailedLogin

Make an unsuccessful login attempt.

Parameters

$account: A user object with name and pass_raw attributes for the login attempt.

$flood_trigger: Whether or not to expect that the flood control mechanism will be triggered.

2 calls to UserLoginTestCase::assertFailedLogin()
UserLoginTestCase::testGlobalLoginFloodControl in modules/user/user.test
Test the global login flood control.
UserLoginTestCase::testPerUserLoginFloodControl in modules/user/user.test
Test the per-user login flood control.

File

modules/user/user.test, line 460

Class

UserLoginTestCase
Functional tests for user logins, including rate limiting of login attempts.

Code

function assertFailedLogin($account, $flood_trigger = NULL) {
    $edit = array(
        'name' => $account->name,
        'pass' => $account->pass_raw,
    );
    $this->drupalPost('user', $edit, t('Log in'));
    $this->assertNoFieldByXPath("//input[@name='pass' and @value!='']", NULL, 'Password value attribute is blank.');
    if (isset($flood_trigger)) {
        $this->assertResponse(403);
        $user_log = db_query_range('SELECT message FROM {watchdog} WHERE type = :type ORDER BY wid DESC', 0, 1, array(
            ':type' => 'user',
        ))->fetchField();
        $user_flood_test_log = db_query_range('SELECT message FROM {watchdog} WHERE type = :type ORDER BY wid DESC', 0, 1, array(
            ':type' => 'user_flood_test',
        ))->fetchField();
        if ($flood_trigger == 'user') {
            $this->assertRaw(t('Sorry, there have been more than @count failed login attempts for this account. It is temporarily blocked. Try again later or <a href="@url">request a new password</a>.', array(
                '@url' => url('user/password'),
                '@count' => variable_get('user_failed_login_user_limit', 5),
            )));
            $this->assertEqual('Flood control blocked login attempt for %user from %ip.', $user_log, 'A watchdog message was logged for the login attempt blocked by flood control per user');
            $this->assertEqual('hook_user_flood_control was passed username %username and IP %ip.', $user_flood_test_log, 'hook_user_flood_control was invoked by flood control per user');
        }
        else {
            // No uid, so the limit is IP-based.
            $this->assertRaw(t('Sorry, too many failed login attempts from your IP address. This IP address is temporarily blocked. Try again later or <a href="@url">request a new password</a>.', array(
                '@url' => url('user/password'),
            )));
            $this->assertEqual('Flood control blocked login attempt from %ip.', $user_log, 'A watchdog message was logged for the login attempt blocked by flood control per IP');
            $this->assertEqual('hook_user_flood_control was passed IP %ip.', $user_flood_test_log, 'hook_user_flood_control was invoked by flood control per IP');
        }
    }
    else {
        $this->assertText(t('Sorry, unrecognized username or password. Have you forgotten your password?'));
    }
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.