- Inside Spec
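# Posts three bad-password logins for 'quentin' in a single test session and
# checks the per-session failure counter, the rendered template and the
# warning text.
#
# NOTE(review): every request here reuses the same session, so this example
# only covers the session-based counter. It does not cover a client that
# arrives without the earlier session cookie; whether the per-account lockout
# handles that case is not visible from this spec.
# NOTE(review): the description says "Captcha" but the asserted text is
# "Invalid Capture", matching the literal in the controller. Fix the spelling
# in both places together or this expectation will fail.
it "should render Invalid Captcha after 3 attempts" do
  3.times do
    post :create, :login => 'quentin', :password => 'bad password'
    # A rejected login must never leave a user id in the session.
    session[:user_id].should be_nil
  end

  # Compare by value; `equal?` tests object identity and gives an unhelpful
  # "expected true" message on failure.
  session[:invalid_attempts].to_i.should == 3
  response.should render_template("admin/sessions/new")
  flash.now[:warning].should == "Invalid Capture"
end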
- Inside Controller
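# Handles a login attempt for the admin area.
#
# Flow, as visible in this action:
#   1. Initialise the per-session failure counter.
#   2. Check credentials only if captcha_passed? is true.
#   3. On success, set current_user and redirect if successful_login? holds.
#   4. On failure, bump the session counter, record the failure against the
#      account (if the login exists), lock it when should_we_lock? says so,
#      then render 'deny' (locked) or 'new' (any other failure).
#
# Warnings are set with flash.now because every failure path renders instead
# of redirecting. A plain flash[...] would survive into the next request and
# show a stale "invalid login" message after a later successful login.
#
# NOTE(review): session[:invalid_attempts] lives in the client's session, so
# a client that discards its cookie starts again at zero. Treat the CAPTCHA
# threshold as a usability throttle only. The per-account counter behind
# log_failed_login!/lock! (defined elsewhere, presumably persisted
# server-side, confirm) is the control that has to hold.
# NOTE(review): confirm that current_user= (defined elsewhere) resets the
# session on login; nothing in this action does so.
def create
  session[:invalid_attempts] = 0 if session[:invalid_attempts].nil?

  # The password is only checked when the CAPTCHA check passes.
  authenticated_user = captcha_passed? ? Admin::User.authenticate(params[:login], params[:password]) : nil

  if authenticated_user
    self.current_user = authenticated_user
    if successful_login?
      redirect_back_or_default('/admin')
      return
    end
    # NOTE(review): if successful_login? is false we fall through to the
    # generic failure below with current_user already assigned. Confirm that
    # successful_login? clears it in that case.
  else
    account = Admin::User.find_by_login(params[:login])
    session[:invalid_attempts] = session[:invalid_attempts].to_i + 1

    if account
      # NOTE(review): this also runs when the CAPTCHA failed and the password
      # was never checked, so such requests still count towards locking the
      # account. Confirm that is the intended lockout policy.
      account.log_failed_login!
      account.lock! if should_we_lock?(account)

      if account.locked?
        # NOTE(review): this message is only reachable for an existing login,
        # so it tells the caller the login exists. Consider the generic
        # message if login names are meant to stay private.
        flash.now[:warning] = "Your account has been locked due to too many failed login attempts"
        render :action => 'deny'
        return
      end
    end

    # captcha_passed? is deliberately called again here, not cached: the
    # counter was incremented above, and the helper may depend on it
    # (presumably; the helper is defined elsewhere).
    # NOTE(review): the spec expects this text after exactly 3 attempts, which
    # with `>` only holds if @@captcha_after is below 3. Confirm the value.
    # "Capture" looks like a typo for "Captcha", but the spec asserts this
    # exact text.
    if !captcha_passed? && session[:invalid_attempts].to_i > @@captcha_after
      flash.now[:warning] = "Invalid Capture"
      render :action => 'new'
      return
    end
  end

  # Generic failure: same text for an unknown login and a wrong password.
  flash.now[:warning] = "Invalid username/password"
  render :action => 'new'
end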