TheDude
/
openproject
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
OpenProject is the leading open source project management software.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8480 Commits
139 Branches
203 Tags
1.2 GiB
 
 
 
 
 
 
Tag: Branch: Tree: c13a402108
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c13a402108'
${ noResults }
openproject/features/users/brute_force_prevention.feature

41 lines
1.5 KiB
Raw Blame History

#encoding: utf-8
#-- copyright
# OpenProject is a project management system.
#
# Copyright (C) 2012-2013 the OpenProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# See doc/COPYRIGHT.rdoc for more details.
#++
Feature: Prevent brute force attacks
Background:
Given users are blocked for 5 minutes after 2 failed login attempts
And there is a user named "bob"
Scenario: A user failing to login on the first time can login on second attempt
When I try to log in with user "bob" and a wrong password
Then I should not see "Bob Bobbit"
When I try to log in with user "bob"
Then I should see "Bob Bobbit"
Scenario: A user can't login after two failed attempts, but can after waiting 5 minutes
When I try to log in with user "bob" and a wrong password
Then I should not see "Bob Bobbit"
When I try to log in with user "bob" and a wrong password
Then I should not see "Bob Bobbit"
When I try to log in with user "bob"
Then I should not see "Bob Bobbit"
When the time is 6 minutes later
And I try to log in with user "bob"
Then I should see "Bob Bobbit"
Scenario: Brute force prevention is disabled
Given users are blocked for 5 minutes after 0 failed login attempts
When I try to log in with user "bob" and a wrong password
Then I should not see "Bob Bobbit"
When I try to log in with user "bob"
Then I should see "Bob Bobbit"