enable abuse to test development keys
This commit is contained in:
parent
0a2eee0118
commit
383cff5eb8
2 changed files with 34 additions and 27 deletions
2
.env
2
.env
|
@ -13,7 +13,7 @@ _APP_SYSTEM_EMAIL_ADDRESS=team@appwrite.io
|
|||
_APP_EMAIL_SECURITY=security@appwrite.io
|
||||
_APP_EMAIL_CERTIFICATES=certificates@appwrite.io
|
||||
_APP_SYSTEM_RESPONSE_FORMAT=
|
||||
_APP_OPTIONS_ABUSE=disabled
|
||||
_APP_OPTIONS_ABUSE=enabled
|
||||
_APP_OPTIONS_ROUTER_PROTECTION=disabled
|
||||
_APP_OPTIONS_FORCE_HTTPS=disabled
|
||||
_APP_OPTIONS_FUNCTIONS_FORCE_HTTPS=disabled
|
||||
|
|
|
@ -113,7 +113,7 @@ trait ProjectsDevelopmentKeys
|
|||
* @depends testCreateProject
|
||||
* @group developmentKeys
|
||||
*/
|
||||
public function testValidateProjectDevelopmentKey($data): void
|
||||
public function testNoRateLimitWithDevelopmentKey($data): void
|
||||
{
|
||||
$id = $data['projectId'] ?? '';
|
||||
|
||||
|
@ -127,33 +127,38 @@ trait ProjectsDevelopmentKeys
|
|||
'name' => 'Key Test',
|
||||
'expire' => DateTime::addSeconds(new \DateTime(), 3600),
|
||||
]);
|
||||
var_dump($response['body']['secret']);
|
||||
$response = $this->client->call(Client::METHOD_GET, '/health', [
|
||||
|
||||
$developmentKey = $response['body']['secret'];
|
||||
|
||||
//
|
||||
for($i = 0; $i < 11; $i++) {
|
||||
$res = $this->client->call(Client::METHOD_POST, '/account/sessions/email', [
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $id,
|
||||
], [
|
||||
'email' => 'user@appwrite.io',
|
||||
'password' => 'password'
|
||||
]);
|
||||
}
|
||||
$res = $this->client->call(Client::METHOD_POST, '/account/sessions/email', [
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $id,
|
||||
'x-appwrite-key' => $response['body']['secret']
|
||||
], []);
|
||||
|
||||
$this->assertEquals(200, $response['headers']['status-code']);
|
||||
|
||||
/**
|
||||
* Test for SUCCESS
|
||||
*/
|
||||
$response = $this->client->call(Client::METHOD_POST, '/projects/' . $id . '/development-keys', array_merge([
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
], $this->getHeaders()), [
|
||||
'name' => 'Key Test',
|
||||
'expire' => DateTime::addSeconds(new \DateTime(), 3600),
|
||||
], [
|
||||
'email' => 'user@appwrite.io',
|
||||
'password' => 'password'
|
||||
]);
|
||||
$this->assertEquals('429', $res['headers']['status-code']);
|
||||
|
||||
$response = $this->client->call(Client::METHOD_GET, '/health', [
|
||||
$res = $this->client->call(Client::METHOD_POST, '/account/sessions/email', [
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $id,
|
||||
'x-appwrite-key' => $response['body']['secret']
|
||||
], []);
|
||||
'x-appwrite-development-key' => $developmentKey
|
||||
], [
|
||||
'email' => 'user@appwrite.io',
|
||||
'password' => 'password'
|
||||
]);
|
||||
$this->assertEquals('401', $res['headers']['status-code']);
|
||||
|
||||
$this->assertEquals(200, $response['headers']['status-code']);
|
||||
|
||||
/**
|
||||
* Test for FAILURE
|
||||
|
@ -166,13 +171,15 @@ trait ProjectsDevelopmentKeys
|
|||
'expire' => DateTime::addSeconds(new \DateTime(), -3600),
|
||||
]);
|
||||
|
||||
$response = $this->client->call(Client::METHOD_GET, '/health', [
|
||||
$res = $this->client->call(Client::METHOD_POST, '/account/sessions/email', [
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $id,
|
||||
'x-appwrite-key' => $response['body']['secret']
|
||||
], []);
|
||||
|
||||
$this->assertEquals(401, $response['headers']['status-code']);
|
||||
'x-appwrite-development-key' => $response['body']['secret']
|
||||
], [
|
||||
'email' => 'user@appwrite.io',
|
||||
'password' => 'password'
|
||||
]);
|
||||
$this->assertEquals('429', $res['headers']['status-code']);
|
||||
}
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue