X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Ftests%2Fapi%2Fserver%2Freverse-proxy.ts;h=d0d79c4f616683a361c4684e1448223594dc61b8;hb=8b6f0fd53d12faf54a58602a8bcfab05e8b5947b;hp=9875382374e527087fe6dad511fb266cef3c932e;hpb=7c3b79768bd174b22154e8d2df0b1211e01ee56a;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/tests/api/server/reverse-proxy.ts b/server/tests/api/server/reverse-proxy.ts
index 987538237..d0d79c4f6 100644
--- a/server/tests/api/server/reverse-proxy.ts
+++ b/server/tests/api/server/reverse-proxy.ts
@@ -1,8 +1,8 @@
-/* tslint:disable:no-unused-expression */
+/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
 
 import 'mocha'
 import * as chai from 'chai'
-import { cleanupTests, getVideo, uploadVideo, userLogin, viewVideo, wait } from '../../../../shared/extra-utils'
+import { cleanupTests, getVideo, registerUser, uploadVideo, userLogin, viewVideo, wait } from '../../../../shared/extra-utils'
 import { flushAndRunServer, setAccessTokensToServers } from '../../../../shared/extra-utils/index'
 
 const expect = chai.expect
@@ -13,7 +13,27 @@ describe('Test application behind a reverse proxy', function () {
 
   before(async function () {
     this.timeout(30000)
-    server = await flushAndRunServer(1)
+
+    const config = {
+      rates_limit: {
+        api: {
+          max: 50,
+          window: 5000
+        },
+        signup: {
+          max: 3,
+          window: 5000
+        },
+        login: {
+          max: 20
+        }
+      },
+      signup: {
+        limit: 20
+      }
+    }
+
+    server = await flushAndRunServer(1, config)
     await setAccessTokensToServers([ server ])
 
     const { body } = await uploadVideo(server.url, server.accessToken, {})
@@ -82,6 +102,47 @@ describe('Test application behind a reverse proxy', function () {
     await userLogin(server, user, 429)
   })
 
+  it('Should rate limit signup', async function () {
+    for (let i = 0; i < 10; i++) {
+      try {
+        await registerUser(server.url, 'test' + i, 'password')
+      } catch {
+        // empty
+      }
+    }
+
+    await registerUser(server.url, 'test42', 'password', 429)
+  })
+
+  it('Should not rate limit failed signup', async function () {
+    this.timeout(30000)
+
+    await wait(7000)
+
+    for (let i = 0; i < 3; i++) {
+      await registerUser(server.url, 'test' + i, 'password', 409)
+    }
+
+    await registerUser(server.url, 'test43', 'password', 204)
+
+  })
+
+  it('Should rate limit API calls', async function () {
+    this.timeout(30000)
+
+    await wait(7000)
+
+    for (let i = 0; i < 100; i++) {
+      try {
+        await getVideo(server.url, videoId)
+      } catch {
+        // don't care if it fails
+      }
+    }
+
+    await getVideo(server.url, videoId, 429)
+  })
+
   after(async function () {
     await cleanupTests([ server ])
   })