feat(testing): add test for rate limiter

jsjoeio · jsjoeio · commit 0d5f22314bdb · 2021-04-15T16:36:35.000-07:00
diff --git a/test/e2e/login.test.ts b/test/e2e/login.test.ts
@@ -45,4 +45,51 @@ test.describe("login", () => {
     await page.waitForLoadState("networkidle")
     expect(await page.isVisible("text=Incorrect password"))
   })
+
+  test("should hit the rate limiter for too many unsuccessful logins", options, async ({ page }) => {
+    await page.goto(CODE_SERVER_ADDRESS, { waitUntil: "networkidle" })
+    // Type in password
+    await page.fill(".password", "password123")
+    // Click the submit button and login
+    // The current RateLimiter allows 2 logins per minute plus
+    // 12 logins per hour for a total of 14
+    // See: src/node/routes/login.ts
+    for (let i = 1; i <= 14; i++) {
+      await page.click(".submit")
+      await page.waitForLoadState("networkidle")
+    }
+
+    // The 15th should fail
+    await page.click(".submit")
+    await page.waitForLoadState("networkidle")
+    expect(await page.isVisible("text=Login rate limited!"))
+  })
+
+  // This test takes 8mins to run and is probably not worth adding to our e2e suite
+  // test.only("should not count successful logins against the rate limiter", options, async ({ page }) => {
+  //   for (let i = 1; i <= 14; i++) {
+  //     await page.goto(CODE_SERVER_ADDRESS, { waitUntil: "networkidle" })
+  //     await page.fill(".password", PASSWORD)
+  //     await page.click(".submit")
+  //     await page.waitForLoadState("networkidle")
+  //     // Make sure the editor actually loaded
+  //     await page.isVisible("div.monaco-workbench")
+
+  //     // Delete cookie
+  //     await page.evaluate(() => {
+  //       document.cookie = "key" + "=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;"
+  //       return Promise.resolve()
+  //     })
+
+  //     // Go back to address, which should be the login page
+  //     await page.goto(CODE_SERVER_ADDRESS, { waitUntil: "networkidle" })
+  //   }
+
+  //   // On the 15th time, we should see the editor
+  //   await page.fill(".password", PASSWORD)
+  //   await page.click(".submit")
+  //   await page.waitForLoadState("networkidle")
+  //   // Make sure the editor actually loaded
+  //   expect(await page.isVisible("div.monaco-workbench"))
+  // })
 })
