]>
Commit | Line | Data |
---|---|---|
490b595a C |
1 | /* tslint:disable:no-unused-expression */ |
2 | ||
3 | import 'mocha' | |
4 | import * as chai from 'chai' | |
c1340a6a | 5 | import { cleanupTests, getVideo, registerUser, uploadVideo, userLogin, viewVideo, wait } from '../../../../shared/extra-utils' |
7c3b7976 | 6 | import { flushAndRunServer, setAccessTokensToServers } from '../../../../shared/extra-utils/index' |
490b595a | 7 | |
7c3b7976 | 8 | const expect = chai.expect |
490b595a C |
9 | |
10 | describe('Test application behind a reverse proxy', function () { | |
11 | let server = null | |
12 | let videoId | |
13 | ||
14 | before(async function () { | |
15 | this.timeout(30000) | |
c1340a6a C |
16 | |
17 | const config = { | |
18 | rates_limit: { | |
19 | api: { | |
20 | max: 50, | |
21 | window: 5000 | |
22 | }, | |
23 | signup: { | |
24 | max: 3, | |
25 | window: 5000 | |
26 | }, | |
27 | login: { | |
28 | max: 20 | |
29 | } | |
30 | }, | |
31 | signup: { | |
32 | limit: 20 | |
33 | } | |
34 | } | |
35 | ||
36 | server = await flushAndRunServer(1, config) | |
490b595a C |
37 | await setAccessTokensToServers([ server ]) |
38 | ||
39 | const { body } = await uploadVideo(server.url, server.accessToken, {}) | |
40 | videoId = body.video.uuid | |
41 | }) | |
42 | ||
43 | it('Should view a video only once with the same IP by default', async function () { | |
6b616860 C |
44 | this.timeout(20000) |
45 | ||
490b595a C |
46 | await viewVideo(server.url, videoId) |
47 | await viewVideo(server.url, videoId) | |
48 | ||
6b616860 C |
49 | // Wait the repeatable job |
50 | await wait(8000) | |
51 | ||
490b595a C |
52 | const { body } = await getVideo(server.url, videoId) |
53 | expect(body.views).to.equal(1) | |
54 | }) | |
55 | ||
56 | it('Should view a video 2 times with the X-Forwarded-For header set', async function () { | |
6b616860 C |
57 | this.timeout(20000) |
58 | ||
490b595a C |
59 | await viewVideo(server.url, videoId, 204, '0.0.0.1,127.0.0.1') |
60 | await viewVideo(server.url, videoId, 204, '0.0.0.2,127.0.0.1') | |
61 | ||
6b616860 C |
62 | // Wait the repeatable job |
63 | await wait(8000) | |
64 | ||
490b595a C |
65 | const { body } = await getVideo(server.url, videoId) |
66 | expect(body.views).to.equal(3) | |
67 | }) | |
68 | ||
69 | it('Should view a video only once with the same client IP in the X-Forwarded-For header', async function () { | |
6b616860 C |
70 | this.timeout(20000) |
71 | ||
490b595a C |
72 | await viewVideo(server.url, videoId, 204, '0.0.0.4,0.0.0.3,::ffff:127.0.0.1') |
73 | await viewVideo(server.url, videoId, 204, '0.0.0.5,0.0.0.3,127.0.0.1') | |
74 | ||
6b616860 C |
75 | // Wait the repeatable job |
76 | await wait(8000) | |
77 | ||
490b595a C |
78 | const { body } = await getVideo(server.url, videoId) |
79 | expect(body.views).to.equal(4) | |
80 | }) | |
81 | ||
82 | it('Should view a video two times with a different client IP in the X-Forwarded-For header', async function () { | |
6b616860 C |
83 | this.timeout(20000) |
84 | ||
490b595a C |
85 | await viewVideo(server.url, videoId, 204, '0.0.0.8,0.0.0.6,127.0.0.1') |
86 | await viewVideo(server.url, videoId, 204, '0.0.0.8,0.0.0.7,127.0.0.1') | |
87 | ||
6b616860 C |
88 | // Wait the repeatable job |
89 | await wait(8000) | |
90 | ||
490b595a C |
91 | const { body } = await getVideo(server.url, videoId) |
92 | expect(body.views).to.equal(6) | |
93 | }) | |
94 | ||
95 | it('Should rate limit logins', async function () { | |
96 | const user = { username: 'root', password: 'fail' } | |
97 | ||
e79d0ba5 | 98 | for (let i = 0; i < 19; i++) { |
490b595a C |
99 | await userLogin(server, user, 400) |
100 | } | |
101 | ||
102 | await userLogin(server, user, 429) | |
103 | }) | |
104 | ||
c1340a6a C |
105 | it('Should rate limit signup', async function () { |
106 | for (let i = 0; i < 3; i++) { | |
107 | await registerUser(server.url, 'test' + i, 'password') | |
108 | } | |
109 | ||
110 | await registerUser(server.url, 'test42', 'password', 429) | |
111 | }) | |
112 | ||
113 | it('Should not rate limit failed signup', async function () { | |
114 | this.timeout(30000) | |
115 | ||
116 | await wait(7000) | |
117 | ||
118 | for (let i = 0; i < 3; i++) { | |
119 | await registerUser(server.url, 'test' + i, 'password', 409) | |
120 | } | |
121 | ||
122 | await registerUser(server.url, 'test43', 'password', 204) | |
123 | ||
124 | }) | |
125 | ||
126 | it('Should rate limit API calls', async function () { | |
127 | this.timeout(30000) | |
128 | ||
129 | await wait(7000) | |
130 | ||
131 | for (let i = 0; i < 50; i++) { | |
132 | await getVideo(server.url, videoId) | |
133 | } | |
134 | ||
135 | await getVideo(server.url, videoId, 429) | |
136 | }) | |
137 | ||
7c3b7976 C |
138 | after(async function () { |
139 | await cleanupTests([ server ]) | |
490b595a C |
140 | }) |
141 | }) |