Commit 76c5a987 authored by Fabrice Gangler 🎨

REFACTOR(sign up form): remove magic number (anti-spam time)

parent f51da072
......@@ -252,6 +252,15 @@ Configure::write('DATABASETEST', 'tests');
// Max number of elements (screenshots/review...) display
Configure::write('MAX_DISPLAY', 3);
// Min time to send sign up form (limit spam by bots)
Configure::write('DEFAULT_MIN_TIME_TO_SEND_SIGNUP_FORM', 4);
if (defined('TEST_BYPASS_DEFAULT_MIN_TIME_TO_SEND_SIGNUP_FORM')) { // used by unit test and CI
Configure::write('MIN_TIME_TO_SEND_SIGNUP_FORM', TEST_BYPASS_DEFAULT_MIN_TIME_TO_SEND_SIGNUP_FORM);
} else {
Configure::write('MIN_TIME_TO_SEND_SIGNUP_FORM', Configure::read('DEFAULT_MIN_TIME_TO_SEND_SIGNUP_FORM'));
}
// Session duration
Configure::write('Session', [
'defaults' => 'php',
......@@ -277,6 +286,9 @@ Configure::write(
]
);
//
// Version of comptoir
Configure::write(
'VERSION',
......
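Review bot: The `defined('TEST_BYPASS_DEFAULT_MIN_TIME_TO_SEND_SIGNUP_FORM')` branch in the first hunk places a test-only override of the anti-spam delay in the application config, and the constant's value is written to `MIN_TIME_TO_SEND_SIGNUP_FORM` without any validation. If the constant is defined as 0, a negative number or a non-integer, the sign-up throttle is weakened or disabled in whatever environment loads this file. I would accept the override only when it is a positive integer, e.g. `if (defined('TEST_BYPASS_DEFAULT_MIN_TIME_TO_SEND_SIGNUP_FORM') && is_int(TEST_BYPASS_DEFAULT_MIN_TIME_TO_SEND_SIGNUP_FORM) && TEST_BYPASS_DEFAULT_MIN_TIME_TO_SEND_SIGNUP_FORM > 0) {`. The comment above it should also say that the unit is seconds and that the constant must only ever be defined by the test bootstrap.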
......@@ -573,7 +573,7 @@ class UsersController extends AppController
if (isset($availableTokens["$prefixToken"])) {
$tokenTimestamp = $availableTokens["$prefixToken"]['date'];
$diffTimestamp = time() - $tokenTimestamp;
if ($diffTimestamp >= 4) { // @@@TODO magic number !!!
if ($diffTimestamp >= Configure::read('MIN_TIME_TO_SEND_SIGNUP_FORM')) {
return false;
}
}
......
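Review bot: `Configure::read('MIN_TIME_TO_SEND_SIGNUP_FORM')` returns null when the key is absent, and in PHP `$diffTimestamp >= null` is true for every integer, so a deployment whose config lacks the new key would pass every submission through the minimum-delay check. This assumes `return false` means "not a bot"; the enclosing method starts and ends outside the hunk. For an anti-spam control it is safer to fail closed: `if ($diffTimestamp >= Configure::readOrFail('MIN_TIME_TO_SEND_SIGNUP_FORM')) {` raises on a missing key instead of silently disabling the check, provided the CakePHP version in use offers `readOrFail`. A short comment that the value is in seconds would also help.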
......@@ -129,7 +129,7 @@ class AcceptanceTester extends Actor
// echo "\n-------------\n$randomUsername\n$randomEmail\n---------\n";
// Add delay to look like a real user and not a robot
sleep(4); // @@@TODO magic number !!!
sleep(TEST_MIN_TIME_TO_SEND_SIGNUP_FORM);
$I->submitForm(
'#createAccountForm',
......
......@@ -327,7 +327,7 @@ class UsersControllerTest extends ApiIntegrationTestCase
$this->assertEquals(0, $this->Users->find()->where(['email' => $emailFixture1])->count()); // not exist in DB
// Add delay to look like a real user and not a robot
sleep(4); // @@@TODO magic number !!!
sleep(TEST_MIN_TIME_TO_SEND_SIGNUP_FORM);
// Send form with a valid token in the URL, like a real user (not too quickly)
// --> new user has been created
......
......@@ -5,8 +5,25 @@
* Add additional configuration/setup your application needs when running
* unit tests in this file.
*/
use Cake\Core\Configure;
////////////////////////////////////////////////////////////////////
// Bypass min time to send sign up form (limit spam by bots)
// - it's works for unit tests
// - it's not works for acceptance tests
////////////////////////////////////////////////////////////////////
// define("TEST_BYPASS_DEFAULT_MIN_TIME_TO_SEND_SIGNUP_FORM", 1);
////////////////////////////////////////////////////////////////////
// Application bootstrap
require dirname(__DIR__) . '/config/bootstrap.php';
// Min time to send sign up form (limit spam by bots)
define("TEST_MIN_TIME_TO_SEND_SIGNUP_FORM", Configure::read('MIN_TIME_TO_SEND_SIGNUP_FORM'));
echo "\nMIN_TIME_TO_SEND_SIGNUP_FORM ". TEST_MIN_TIME_TO_SEND_SIGNUP_FORM ." seconde(s)\n";
// Polyfill for array_key_first() function added in PHP 7.3.
if (!function_exists('array_key_first')) {
function array_key_first(array $array)
......
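Review bot: The bypass only works if the commented-out `define("TEST_BYPASS_DEFAULT_MIN_TIME_TO_SEND_SIGNUP_FORM", 1);` runs before `require dirname(__DIR__) . '/config/bootstrap.php';`, because the application config reads the constant while it loads. The comment block does not state that ordering, so I would add `// must be defined BEFORE the application bootstrap is required below`. `TEST_MIN_TIME_TO_SEND_SIGNUP_FORM` is then passed to `sleep()` in the acceptance and integration tests. With the bypass enabled the acceptance test would presumably wait less than the server it drives still requires, which is probably what "it's not works for acceptance tests" refers to and is worth spelling out. The unconditional `echo` also prints on every test run and could be dropped or sent to STDERR.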