From db88a00d48d1dce48b8700e460c06ff7fb344f0a Mon Sep 17 00:00:00 2001
From: Frederic Guillot
Date: Sat, 1 Aug 2015 12:14:22 -0400
Subject: Add bruteforce protection
---
 tests/units/AuthenticationTest.php | 39 ++++++++++++++++++++++++++++++++++++++
 tests/units/UserTest.php | 25 ++++++++++++++++++++++++
 2 files changed, 64 insertions(+)
 create mode 100644 tests/units/AuthenticationTest.php
(limited to 'tests')
diff --git a/tests/units/AuthenticationTest.php b/tests/units/AuthenticationTest.php
new file mode 100644
index 00000000..75b55ece
--- /dev/null
+++ b/tests/units/AuthenticationTest.php
@@ -0,0 +1,39 @@
+container);
+ $a = new Authentication($this->container);
+
+ $this->assertFalse($a->hasCaptcha('not_found'));
+ $this->assertFalse($a->hasCaptcha('admin'));
+
+ $this->assertTrue($u->incrementFailedLogin('admin'));
+ $this->assertTrue($u->incrementFailedLogin('admin'));
+ $this->assertTrue($u->incrementFailedLogin('admin'));
+
+ $this->assertFalse($a->hasCaptcha('not_found'));
+ $this->assertTrue($a->hasCaptcha('admin'));
+ }
+
+ public function testHandleFailedLogin()
+ {
+ $u = new User($this->container);
+ $a = new Authentication($this->container);
+
+ $this->assertFalse($u->isLocked('admin'));
+
+ for ($i = 0; $i <= 6; $i++) {
+ $a->handleFailedLogin('admin');
+ }
+
+ $this->assertTrue($u->isLocked('admin'));
+ }
+}
diff --git a/tests/units/UserTest.php b/tests/units/UserTest.php
index fcdf3934..6c68dfd2 100644
--- a/tests/units/UserTest.php
+++ b/tests/units/UserTest.php
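Review bot: `testHandleFailedLogin` calls `handleFailedLogin('admin')` seven times (`$i <= 6`) and asserts only the final state, so it passes whether the account locks on the first failure or the seventh. Pin the boundary: loop up to one attempt below the configured limit, assert `$this->assertFalse($u->isLocked('admin'));`, then make the final attempt and assert the lock. `testHasCaptcha` has the same gap, since it goes straight to three failures without asserting that `hasCaptcha('admin')` is still false just below the threshold. The threshold values themselves are not in this patch, and the start of this file (class header and the opening of `testHasCaptcha`) is missing from the hunk as shown.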
@@ -12,6 +12,31 @@ use Model\Project;
 class UserTest extends Base
 {
+ public function testFailedLogin()
+ {
+ $u = new User($this->container);
+
+ $this->assertEquals(0, $u->getFailedLogin('admin'));
+ $this->assertEquals(0, $u->getFailedLogin('not_found'));
+
+ $this->assertTrue($u->incrementFailedLogin('admin'));
+ $this->assertTrue($u->incrementFailedLogin('admin'));
+
+ $this->assertEquals(2, $u->getFailedLogin('admin'));
+ $this->assertTrue($u->resetFailedLogin('admin'));
+ $this->assertEquals(0, $u->getFailedLogin('admin'));
+ }
+
+ public function testLocking()
+ {
+ $u = new User($this->container);
+
+ $this->assertFalse($u->isLocked('admin'));
+ $this->assertFalse($u->isLocked('not_found'));
+ $this->assertTrue($u->lock('admin', 1));
+ $this->assertTrue($u->isLocked('admin'));
+ }
+
 public function testGetByEmail()
 {
 $u = new User($this->container);
-- cgit v1.2.3
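Review bot: `testLocking` covers only the locked state: after `lock('admin', 1)` nothing checks that the lock ever ends, so a regression that leaves accounts locked indefinitely (a lockout denial of service against `admin`) would go unnoticed. Add a case with an already-elapsed lock and assert that `isLocked('admin')` returns false; how to set that up depends on what the second argument of `lock()` means, which the hunk does not show. `testFailedLogin` also reads `getFailedLogin('not_found')` but never asserts what `incrementFailedLogin('not_found')` returns, so the behaviour for unknown usernames is left unspecified. A short comment on `testLocking` stating the unit of the `1` would help the next reader.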