Inside Spec it "should render Invalid Captcha after 3 attempts" do

1. Inside Spec
2.  
3. it "should render Invalid Captcha after 3 attempts" do
4.  
5. 3.to_i.times do
6. post :create, :login => 'quentin', :password => 'bad password'
7. session[:user_id].should be_nil
8. end
9. session[:invalid_attempts].to_i.equal?(3).should be_true
10. response.should render_template("admin/sessions/new")
11.  
12. flash.now[:warning].should == "Invalid Capture"
13.  
14. end
15.  
16. Inside Controller
17.  
18. def create
19.  
20. if session[:invalid_attempts] == nil
21. session[:invalid_attempts] = 0
22. end
23.  
24. authenticated_user = captcha_passed? ? Admin::User.authenticate(params[:login], params[:password]) : nil
25.  
26. if authenticated_user
27. self.current_user = authenticated_user
28. if successful_login?
29. redirect_back_or_default('/admin')
30. return
31. end
32. else #failed login
33.  
34. valid_username_user = Admin::User.find_by_login(params[:login])
35.  
36. session[:invalid_attempts] = session[:invalid_attempts].to_i + 1
37.  
38. if valid_username_user
39. valid_username_user.log_failed_login!
40. valid_username_user.lock! if should_we_lock?(valid_username_user)
41. end
42.  
43. if valid_username_user && valid_username_user.locked?
44. flash[:warning] = "Your account has been locked due to too many failed login attempts"
45. render :action => 'deny'
46. return
47. elsif !captcha_passed?
48. if session[:invalid_attempts].to_i > @@captcha_after
49. flash[:warning] = "Invalid Capture"
50. else
51. flash[:warning] = "Invalid username/password"
52. end
53. render :action => 'new'
54. return
55. end
56. end
57.  
58. flash[:warning] = "Invalid username/password"
59.  
60. render :action => 'new'
61. end