SandboxedModule = require('sandboxed-module')
sinon = require('sinon')
require('chai').should()
expect = require('chai').expect
modulePath = require('path').join __dirname, '../../../../app/js/Features/Security/LoginRateLimiter'
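# Unit tests for the LoginRateLimiter feature module.
#
# The module is loaded through SandboxedModule with its RateLimiter
# dependency replaced by sinon stubs, so these tests only pin how
# LoginRateLimiter talks to RateLimiter and what it hands back to its caller:
#   - processLoginRequest(email, cb) -> RateLimiter.addCount(opts, cb)
#   - recordSuccessfulLogin(email, cb) -> RateLimiter.clearRateLimit('login', email, cb)
describe "LoginRateLimiter", ->

  beforeEach ->
    @email = "bob@bob.com"

    # Fresh stubs for every test; the nested beforeEach hooks replace
    # individual methods on this same object to script each scenario.
    @RateLimiter =
      clearRateLimit: sinon.stub()
      addCount: sinon.stub()

    @LoginRateLimiter = SandboxedModule.require modulePath, requires:
      '../../infrastructure/RateLimiter': @RateLimiter

  describe "processLoginRequest", ->

    beforeEach ->
      # The argument at index 1 is the callback; invoke it with (null, true).
      @RateLimiter.addCount = sinon.stub().callsArgWith(1, null, true)

    it 'should call RateLimiter.addCount', (done) ->
      @LoginRateLimiter.processLoginRequest @email, (err, allow) =>
        @RateLimiter.addCount.callCount.should.equal 1
        # The counter is scoped to the 'login' endpoint and keyed on the
        # email exactly as it was passed in.
        # NOTE(review): nothing visible here shows whether the caller
        # normalises the address (case, whitespace) first - confirm, so that
        # variants of one account share a single counter.
        expect(@RateLimiter.addCount.lastCall.args[0].endpointName).to.equal 'login'
        expect(@RateLimiter.addCount.lastCall.args[0].subjectName).to.equal @email
        done()

    describe 'when login is allowed', ->

      beforeEach ->
        @RateLimiter.addCount = sinon.stub().callsArgWith(1, null, true)

      it 'should call pass allow=true', (done) ->
        @LoginRateLimiter.processLoginRequest @email, (err, allow) =>
          expect(err).to.equal null
          expect(allow).to.equal true
          done()

    describe 'when login is blocked', ->

      beforeEach ->
        # The limiter reports the attempt as over the threshold.
        @RateLimiter.addCount = sinon.stub().callsArgWith(1, null, false)

      it 'should call pass allow=false', (done) ->
        @LoginRateLimiter.processLoginRequest @email, (err, allow) =>
          expect(err).to.equal null
          expect(allow).to.equal false
          done()

    describe 'when addCount produces an error', ->

      beforeEach ->
        # Only an error is passed to the callback; no allow value is supplied.
        @RateLimiter.addCount = sinon.stub().callsArgWith(1, new Error('woops'))

      it 'should produce an error', (done) ->
        @LoginRateLimiter.processLoginRequest @email, (err, allow) =>
          expect(err).to.not.equal null
          expect(err).to.be.instanceof Error
          # Fail closed: a limiter failure must never reach the caller as an
          # explicit allow=true, otherwise a backend outage would silently
          # switch login throttling off.
          expect(allow).to.not.equal true
          done()

  describe "recordSuccessfulLogin", ->

    beforeEach ->
      # The argument at index 2 is the callback; invoke it with no error.
      @RateLimiter.clearRateLimit = sinon.stub().callsArgWith 2, null

    it "should call clearRateLimit", (done)->
      @LoginRateLimiter.recordSuccessfulLogin @email, =>
        @RateLimiter.clearRateLimit.callCount.should.equal 1
        # A successful login resets the 'login' counter for this email only.
        @RateLimiter.clearRateLimit.calledWith('login', @email).should.equal true
        done()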