parent
d01ec32b3d
commit
bd41eacb10
@ -0,0 +1,20 @@ |
|||||||
|
#encoding: utf-8 |
||||||
|
|
||||||
|
#-- copyright |
||||||
|
# OpenProject is a project management system. |
||||||
|
# |
||||||
|
# Copyright (C) 2012-2013 the OpenProject Team |
||||||
|
# |
||||||
|
# This program is free software; you can redistribute it and/or |
||||||
|
# modify it under the terms of the GNU General Public License version 3. |
||||||
|
# |
||||||
|
# See doc/COPYRIGHT.rdoc for more details. |
||||||
|
#++ |
||||||
|
|
||||||
|
Given /^the time is ([0-9]+) minutes later$/ do |duration| |
||||||
|
Timecop.travel(Time.now + duration.to_i.minutes) |
||||||
|
end |
||||||
|
|
||||||
|
After do |
||||||
|
Timecop.return |
||||||
|
end |
@ -0,0 +1,35 @@ |
|||||||
|
#encoding: utf-8 |
||||||
|
|
||||||
|
#-- copyright |
||||||
|
# OpenProject is a project management system. |
||||||
|
# |
||||||
|
# Copyright (C) 2012-2013 the OpenProject Team |
||||||
|
# |
||||||
|
# This program is free software; you can redistribute it and/or |
||||||
|
# modify it under the terms of the GNU General Public License version 3. |
||||||
|
# |
||||||
|
# See doc/COPYRIGHT.rdoc for more details. |
||||||
|
#++ |
||||||
|
|
||||||
|
Feature: Prevent brute force attacks |
||||||
|
Background: |
||||||
|
Given users are blocked for 5 minutes after 2 failed login attempts |
||||||
|
And there is a user named "bob" |
||||||
|
|
||||||
|
Scenario: A user failing to login on the first time can login on second attempt |
||||||
|
When I try to log in with user "bob" and a wrong password |
||||||
|
Then I should not see "Bob Bobbit" |
||||||
|
When I try to log in with user "bob" |
||||||
|
Then I should see "Bob Bobbit" |
||||||
|
|
||||||
|
Scenario: A user can't login after two failed attempts, but can after waiting 5 minutes |
||||||
|
When I try to log in with user "bob" and a wrong password |
||||||
|
Then I should not see "Bob Bobbit" |
||||||
|
When I try to log in with user "bob" and a wrong password |
||||||
|
Then I should not see "Bob Bobbit" |
||||||
|
When I try to log in with user "bob" |
||||||
|
Then I should not see "Bob Bobbit" |
||||||
|
When the time is 6 minutes later |
||||||
|
And I try to log in with user "bob" |
||||||
|
Then I should see "Bob Bobbit" |
||||||
|
|
Loading…
Reference in new issue