108536490: Implement locked out function.

User is locked if they fail to login 10 times or more.
2026-02-05 02:42:26 -05:00 · 2015-11-30 16:33:45 +00:00
parent ff9e98907e
commit 3b27db98ff
5 changed files with 65 additions and 1 deletions
--- a/tests/app/main/dao/test_users_dao.py
+++ b/tests/app/main/dao/test_users_dao.py
@@ -71,3 +71,37 @@ def test_get_all_users_returns_all_users(notifications_admin, notifications_admi
    users = users_dao.get_all_users()
    assert len(users) == 3
    assert users == [user1, user2, user3]
+
+
+def test_increment_failed_lockout_count_should_increade_count_by_1(notifications_admin, notifications_admin_db):
+    user = User(name='cannot remember password',
+                password='somepassword',
+                email_address='test1@get_all.gov.uk',
+                mobile_number='+441234123412',
+                created_at=datetime.now(),
+                role_id=1)
+    users_dao.insert_user(user)
+
+    savedUser = users_dao.get_user_by_id(user.id)
+    assert savedUser.failed_login_count == 0
+    users_dao.increment_failed_login_count(user.id)
+    assert users_dao.get_user_by_id(user.id).failed_login_count == 1
+
+
+def test_user_is_locked_if_failed_login_count_is_10_or_greater(notifications_admin, notifications_admin_db):
+    user = User(name='cannot remember password',
+                password='somepassword',
+                email_address='test1@get_all.gov.uk',
+                mobile_number='+441234123412',
+                created_at=datetime.now(),
+                role_id=1)
+    users_dao.insert_user(user)
+    saved_user = users_dao.get_user_by_id(user.id)
+    assert saved_user.is_locked() is False
+
+    for _ in range(10):
+        users_dao.increment_failed_login_count(user.id)
+
+    saved_user = users_dao.get_user_by_id(user.id)
+    assert saved_user.failed_login_count == 10
+    assert saved_user.is_locked() is True
--- a/tests/app/main/views/test_sign_in.py
+++ b/tests/app/main/views/test_sign_in.py
@@ -34,3 +34,24 @@ def test_temp_create_user(notifications_admin, notifications_admin_db):
                                                            'password': 'val1dPassw0rd!'})

    assert response.status_code == 302
+
+
+def test_should_return_locked_out_true_when_user_is_locked(notifications_admin, notifications_admin_db):
+    user = User(email_address='valid@example.gov.uk',
+                password='val1dPassw0rd!',
+                mobile_number='+441234123123',
+                name='valid',
+                created_at=datetime.now(),
+                role_id=1)
+    users_dao.insert_user(user)
+    for _ in range(10):
+        notifications_admin.test_client().post('/sign-in',
+                                               data={'email_address': 'valid@example.gov.uk',
+                                                     'password': 'whatIsMyPassword!'})
+
+    response = notifications_admin.test_client().post('/sign-in',
+                                                      data={'email_address': 'valid@example.gov.uk',
+                                                            'password': 'val1dPassw0rd!'})
+
+    assert response.status_code == 401
+    assert '"locked_out": true' in response.get_data(as_text=True)