Commits

Andriy Kornatskyy committed 9384ace

Added lockout test case for signin handler.

Comments (0)

Files changed (2)

demos/template/src/membership/web/tests/benchmark_views.py

         """
         b = self.benchmark([
             self.test_validation_errors,
-            self.test_unknown_user,
             self.test_xrsf_token_invalid
         ], 200)
         b.report('signin', baselines={
             'test_validation_errors': 1.0,
-            'test_unknown_user': 1.0,
             'test_xrsf_token_invalid': 0.94
         })
 
             """
             b = self.benchmark([
                 self.test_ajax_validation_errors,
-                self.test_ajax_unknown_user,
                 self.test_ajax_xrsf_token_invalid
             ], 200)
             b.report('ajax-signin', baselines={
                 'test_ajax_validation_errors': 1.0,
-                'test_ajax_unknown_user': 1.0,
                 'test_ajax_xrsf_token_invalid': 0.94
             })
 

demos/template/src/membership/web/tests/test_views.py

         assert AUTH_COOKIE not in self.client.cookies
         assert 'class="error-message"' in self.client.content
 
+    def test_lockout(self):
+        """ Ensure sigin page displays general error message.
+        """
+        self.client.environ['REMOTE_ADDR'] = '192.168.10.101'
+        errors = self.signin('test', 'password')
+        assert not errors
+        assert AUTH_COOKIE not in self.client.cookies
+        assert 'class="error-message"' in self.client.content
+
+        self.signin('test', 'password')
+
+        self.signin('test', 'password')
+        assert 'class="error-message"' in self.client.content
+
+        # after 3rd attempt the access is forbidden
+        self.signin('test', 'password')
+        assert 403 == self.client.follow()
+
     def test_valid_user(self):
         """ Ensure sigin is successful.
         """