function UserLoginTestCase::testGlobalLoginFloodControl

Test the global login flood control.

File

modules/user/user.test, line 343

Class

UserLoginTestCase: Functional tests for user logins, including rate limiting of login attempts.

Code

function testGlobalLoginFloodControl() {
    // Set the global login limit.
    variable_set('user_failed_login_ip_limit', 10);
    // Set a high per-user limit out so that it is not relevant in the test.
    variable_set('user_failed_login_user_limit', 4000);
    $user1 = $this->drupalCreateUser(array());
    $incorrect_user1 = clone $user1;
    $incorrect_user1->pass_raw .= 'incorrect';
    // Try 2 failed logins.
    for ($i = 0; $i < 2; $i++) {
        $this->assertFailedLogin($incorrect_user1);
    }
    // A successful login will not reset the IP-based flood control count.
    $this->drupalLogin($user1);
    $this->drupalLogout();
    // Try 8 more failed logins, they should not trigger the flood control
    // mechanism.
    for ($i = 0; $i < 8; $i++) {
        $this->assertFailedLogin($incorrect_user1);
    }
    // The next login trial should result in an IP-based flood error message.
    $this->assertFailedLogin($incorrect_user1, 'ip');
    // A login with the correct password should also result in a flood error
    // message.
    $this->assertFailedLogin($user1, 'ip');
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.

function UserLoginTestCase::testGlobalLoginFloodControl

File

Class

Code

Search drupal 7.x

API Navigation

Breadcrumb

function UserLoginTestCase::testGlobalLoginFloodControl

File

Class

Code

Search drupal 7.x

API Navigation