-/* tslint:disable:no-unused-expression */
+/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
-import 'mocha'
-import * as chai from 'chai'
-import { cleanupTests, getVideo, registerUser, uploadVideo, userLogin, viewVideo, wait } from '../../../../shared/extra-utils'
-import { flushAndRunServer, setAccessTokensToServers } from '../../../../shared/extra-utils/index'
-
-const expect = chai.expect
+import { expect } from 'chai'
+import { wait } from '@shared/core-utils'
+import { HttpStatusCode } from '@shared/models'
+import { cleanupTests, createSingleServer, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands'
describe('Test application behind a reverse proxy', function () {
- let server = null
- let videoId
+ let server: PeerTubeServer
+ let userAccessToken: string
+ let videoId: string
before(async function () {
- this.timeout(30000)
+ this.timeout(60000)
const config = {
rates_limit: {
}
}
- server = await flushAndRunServer(1, config)
+ server = await createSingleServer(1, config)
await setAccessTokensToServers([ server ])
- const { body } = await uploadVideo(server.url, server.accessToken, {})
- videoId = body.video.uuid
+ userAccessToken = await server.users.generateUserAndToken('user')
+
+ const { uuid } = await server.videos.upload()
+ videoId = uuid
})
it('Should view a video only once with the same IP by default', async function () {
- this.timeout(20000)
+ this.timeout(40000)
- await viewVideo(server.url, videoId)
- await viewVideo(server.url, videoId)
+ await server.views.simulateView({ id: videoId })
+ await server.views.simulateView({ id: videoId })
// Wait the repeatable job
await wait(8000)
- const { body } = await getVideo(server.url, videoId)
- expect(body.views).to.equal(1)
+ const video = await server.videos.get({ id: videoId })
+ expect(video.views).to.equal(1)
})
it('Should view a video 2 times with the X-Forwarded-For header set', async function () {
this.timeout(20000)
- await viewVideo(server.url, videoId, 204, '0.0.0.1,127.0.0.1')
- await viewVideo(server.url, videoId, 204, '0.0.0.2,127.0.0.1')
+ await server.views.simulateView({ id: videoId, xForwardedFor: '0.0.0.1,127.0.0.1' })
+ await server.views.simulateView({ id: videoId, xForwardedFor: '0.0.0.2,127.0.0.1' })
// Wait the repeatable job
await wait(8000)
- const { body } = await getVideo(server.url, videoId)
- expect(body.views).to.equal(3)
+ const video = await server.videos.get({ id: videoId })
+ expect(video.views).to.equal(3)
})
it('Should view a video only once with the same client IP in the X-Forwarded-For header', async function () {
this.timeout(20000)
- await viewVideo(server.url, videoId, 204, '0.0.0.4,0.0.0.3,::ffff:127.0.0.1')
- await viewVideo(server.url, videoId, 204, '0.0.0.5,0.0.0.3,127.0.0.1')
+ await server.views.simulateView({ id: videoId, xForwardedFor: '0.0.0.4,0.0.0.3,::ffff:127.0.0.1' })
+ await server.views.simulateView({ id: videoId, xForwardedFor: '0.0.0.5,0.0.0.3,127.0.0.1' })
// Wait the repeatable job
await wait(8000)
- const { body } = await getVideo(server.url, videoId)
- expect(body.views).to.equal(4)
+ const video = await server.videos.get({ id: videoId })
+ expect(video.views).to.equal(4)
})
it('Should view a video two times with a different client IP in the X-Forwarded-For header', async function () {
this.timeout(20000)
- await viewVideo(server.url, videoId, 204, '0.0.0.8,0.0.0.6,127.0.0.1')
- await viewVideo(server.url, videoId, 204, '0.0.0.8,0.0.0.7,127.0.0.1')
+ await server.views.simulateView({ id: videoId, xForwardedFor: '0.0.0.8,0.0.0.6,127.0.0.1' })
+ await server.views.simulateView({ id: videoId, xForwardedFor: '0.0.0.8,0.0.0.7,127.0.0.1' })
// Wait the repeatable job
await wait(8000)
- const { body } = await getVideo(server.url, videoId)
- expect(body.views).to.equal(6)
+ const video = await server.videos.get({ id: videoId })
+ expect(video.views).to.equal(6)
})
it('Should rate limit logins', async function () {
const user = { username: 'root', password: 'fail' }
- for (let i = 0; i < 19; i++) {
- await userLogin(server, user, 400)
+ for (let i = 0; i < 18; i++) {
+ await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
}
- await userLogin(server, user, 429)
+ await server.login.login({ user, expectedStatus: HttpStatusCode.TOO_MANY_REQUESTS_429 })
})
it('Should rate limit signup', async function () {
for (let i = 0; i < 10; i++) {
try {
- await registerUser(server.url, 'test' + i, 'password')
+ await server.registrations.register({ username: 'test' + i })
} catch {
// empty
}
}
- await registerUser(server.url, 'test42', 'password', 429)
+ await server.registrations.register({ username: 'test42', expectedStatus: HttpStatusCode.TOO_MANY_REQUESTS_429 })
})
it('Should not rate limit failed signup', async function () {
await wait(7000)
for (let i = 0; i < 3; i++) {
- await registerUser(server.url, 'test' + i, 'password', 409)
+ await server.registrations.register({ username: 'test' + i, expectedStatus: HttpStatusCode.CONFLICT_409 })
}
- await registerUser(server.url, 'test43', 'password', 204)
+ await server.registrations.register({ username: 'test43', expectedStatus: HttpStatusCode.NO_CONTENT_204 })
})
for (let i = 0; i < 100; i++) {
try {
- await getVideo(server.url, videoId)
+ await server.videos.get({ id: videoId })
} catch {
// don't care if it fails
}
}
- await getVideo(server.url, videoId, 429)
+ await server.videos.get({ id: videoId, expectedStatus: HttpStatusCode.TOO_MANY_REQUESTS_429 })
+ })
+
+ it('Should rate limit API calls with a user but not with an admin', async function () {
+ await server.videos.get({ id: videoId, token: userAccessToken, expectedStatus: HttpStatusCode.TOO_MANY_REQUESTS_429 })
+
+ await server.videos.get({ id: videoId, token: server.accessToken, expectedStatus: HttpStatusCode.OK_200 })
})
after(async function () {