From cd22fa01980e6c9343012353bd9c43cf61f9838d Mon Sep 17 00:00:00 2001 From: Galen Charlton Date: Fri, 1 Sep 2017 12:31:41 -0400 Subject: [PATCH] LP#1710949: add tests for blocking after failed attempts Enhance the live tests to verify that attempts to log in get blocked after too many failed ones; this assumes a stock value for block_count. General testing plan: [1] Use srfsh to test, e.g., srfsh# request open-ils.auth open-ils.auth.login {"identifier":"99999389406","password":"12345","type":"opac","org":1} [2] Try various scenarios: - wrong password - type = staff but user doesn't have STAFF_LOGIN - repeated failed attempts - barcode is inactive - using "identifier" in conjunction with opac.barcode_regex set - using "username" or "barcode" - supplying a workstation name that exists - ... or does not - user is inactive - user is marked barrred Signed-off-by: Galen Charlton Signed-off-by: Mike Rylander --- .../src/perlmods/live_t/24-lp1710949-login-api.t | 28 +++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/Open-ILS/src/perlmods/live_t/24-lp1710949-login-api.t b/Open-ILS/src/perlmods/live_t/24-lp1710949-login-api.t index ba4e4dfc4a..e32ec619c9 100644 --- a/Open-ILS/src/perlmods/live_t/24-lp1710949-login-api.t +++ b/Open-ILS/src/perlmods/live_t/24-lp1710949-login-api.t @@ -1,12 +1,13 @@ #!perl -use Test::More tests => 6; +use Test::More tests => 22; diag("Tests open-ils.auth.login"); use strict; use warnings; use OpenILS::Utils::TestUtils; use OpenILS::Application::AppUtils; +use OpenSRF::Utils::Cache; our $U = "OpenILS::Application::AppUtils"; OpenILS::Utils::TestUtils->new->bootstrap; 
@@ -67,3 +68,28 @@ $resp = $U->simplereq(
 is($resp->{textcode}, 'SUCCESS', 'Identifier check for br1mclark OK');
+foreach my $i (1..15) {
+ $resp = $U->simplereq(
+ 'open-ils.auth',
+ 'open-ils.auth.login', {
+ identifier => 'br1mclark',
+ password => 'justplainwrong',
+ type => 'staff'
+ }
+ );
+ isnt($resp->{textcode}, 'SUCCESS', "Attempt $i: wrong password br1mclark does not work");
+}
+
+$resp = $U->simplereq(
+ 'open-ils.auth',
+ 'open-ils.auth.login', {
+ identifier => 'br1mclark',
+ password => 'montyc1234',
+ type => 'staff'
+ }
+);
+isnt($resp->{textcode}, 'SUCCESS', '... and consequently multiple failed attempts block');
+
+# and clean up
+my $cache = OpenSRF::Utils::Cache->new("global", 0);
+$cache->delete_cache('oils_auth_br1mclark_count');
--
2.11.0
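Review bot: The cleanup at the end of this hunk is never verified and only runs if the script reaches its last line: it deletes a hard-coded cache key, `oils_auth_br1mclark_count`, and if that name does not match what open-ils.auth actually writes (or a request dies earlier), br1mclark stays blocked for every later live test that logs in as that user. I would follow the delete with one more login using the correct password and assert `SUCCESS`, which also shows the preceding failure came from the attempt counter rather than from something unrelated; the plan in the first hunk then becomes `tests => 23`. The loop bound of 15 relies on the stock block_count mentioned in the commit message, so a comment such as `# 15 attempts must exceed auth block_count (stock value assumed)` above the `foreach` would make that dependency visible in the test itself.

```perl
# ... unchanged: 15 failed attempts and the blocked-login check ...

my $cache = OpenSRF::Utils::Cache->new("global", 0);
$cache->delete_cache('oils_auth_br1mclark_count');

# Confirm the failure counter really was cleared, so later live tests
# that log in as br1mclark are not silently blocked.
$resp = $U->simplereq(
    'open-ils.auth',
    'open-ils.auth.login', {
        identifier => 'br1mclark',
        password => 'montyc1234',
        type => 'staff'
    }
);
is($resp->{textcode}, 'SUCCESS', 'br1mclark can log in again once the counter is cleared');
```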