bgneal@472
|
1 """
|
bgneal@472
|
2 Tests for the rate limiting function in the antispam application.
|
bgneal@472
|
3
|
bgneal@472
|
4 """
|
bgneal@472
|
5 import redis
|
bgneal@472
|
6 from django.test import TestCase
|
bgneal@472
|
7 from django.core.urlresolvers import reverse
|
bgneal@472
|
8
|
bgneal@472
|
9 from antispam.rate_limit import _make_key
|
bgneal@472
|
10
|
bgneal@472
|
11
|
bgneal@472
|
12 class RateLimitTestCase(TestCase):
|
bgneal@472
|
13 KEY = _make_key('127.0.0.1')
|
bgneal@472
|
14
|
bgneal@472
|
15 def setUp(self):
|
bgneal@472
|
16 self.conn = redis.Redis(host='localhost', port=6379, db=0)
|
bgneal@472
|
17 self.conn.delete(self.KEY)
|
bgneal@472
|
18
|
bgneal@472
|
19 def tearDown(self):
|
bgneal@472
|
20 self.conn.delete(self.KEY)
|
bgneal@472
|
21
|
bgneal@472
|
22 def testRegistrationLockout(self):
|
bgneal@472
|
23
|
bgneal@472
|
24 for i in range(1, 11):
|
bgneal@472
|
25 response = self.client.post(
|
bgneal@472
|
26 reverse('accounts-register'),
|
bgneal@472
|
27 {},
|
bgneal@472
|
28 follow=True)
|
bgneal@472
|
29
|
bgneal@472
|
30 if i < 10:
|
bgneal@472
|
31 self.assertEqual(response.status_code, 200)
|
bgneal@472
|
32 self.assertTemplateUsed(response, 'accounts/register.html')
|
bgneal@472
|
33 elif i >= 10:
|
bgneal@472
|
34 self.assertEqual(response.status_code, 403)
|
bgneal@472
|
35 self.assertTemplateUsed(response, 'antispam/blocked.html')
|
bgneal@472
|
36
|
bgneal@472
|
37 def testLoginLockout(self):
|
bgneal@472
|
38
|
bgneal@472
|
39 for i in range(1, 11):
|
bgneal@472
|
40 response = self.client.post(
|
bgneal@472
|
41 reverse('accounts-login'),
|
bgneal@472
|
42 {},
|
bgneal@472
|
43 follow=True)
|
bgneal@472
|
44
|
bgneal@472
|
45 if i < 10:
|
bgneal@472
|
46 self.assertEqual(response.status_code, 200)
|
bgneal@472
|
47 self.assertTemplateUsed(response, 'accounts/login.html')
|
bgneal@472
|
48 elif i >= 10:
|
bgneal@472
|
49 self.assertEqual(response.status_code, 403)
|
bgneal@472
|
50 self.assertTemplateUsed(response, 'antispam/blocked.html')
|
bgneal@472
|
51
|
bgneal@472
|
52 def testHoneypotLockout(self):
|
bgneal@472
|
53
|
bgneal@472
|
54 response = self.client.post(
|
bgneal@472
|
55 reverse('accounts-register'), {
|
bgneal@472
|
56 'username': u'test_user',
|
bgneal@472
|
57 'email': u'test_user@example.com',
|
bgneal@472
|
58 'password1': u'password',
|
bgneal@472
|
59 'password2': u'password',
|
bgneal@472
|
60 'agree_age': u'on',
|
bgneal@472
|
61 'agree_tos': u'on',
|
bgneal@472
|
62 'agree_privacy': u'on',
|
bgneal@472
|
63 'question1': u'101',
|
bgneal@472
|
64 'question2': u'DsjkdE$',
|
bgneal@472
|
65 },
|
bgneal@472
|
66 follow=True)
|
bgneal@472
|
67
|
bgneal@472
|
68 val = self.conn.get(self.KEY)
|
bgneal@472
|
69 self.assertEqual(val, '1000001')
|
bgneal@472
|
70
|
bgneal@472
|
71 response = self.client.post(
|
bgneal@472
|
72 reverse('accounts-login'),
|
bgneal@472
|
73 {},
|
bgneal@472
|
74 follow=True)
|
bgneal@472
|
75
|
bgneal@472
|
76 self.assertEqual(response.status_code, 403)
|
bgneal@472
|
77 self.assertTemplateUsed(response, 'antispam/blocked.html')
|