X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Ftests%2Fapi%2Fserver%2Freverse-proxy.ts;h=d882f0bde79fe70e8c65069da6837eaed9adaed1;hb=77239b425a8e00822a53c9907415832a473c3eb6;hp=fa2063536f4ce89ccd52b709016c12d23ba94686;hpb=b211106695bb82f6c32e53306081b5262c3d109d;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/tests/api/server/reverse-proxy.ts b/server/tests/api/server/reverse-proxy.ts
index fa2063536..d882f0bde 100644
--- a/server/tests/api/server/reverse-proxy.ts
+++ b/server/tests/api/server/reverse-proxy.ts
@@ -7,10 +7,11 @@ import { cleanupTests, createSingleServer, PeerTubeServer, setAccessTokensToServ
 
 describe('Test application behind a reverse proxy', function () {
   let server: PeerTubeServer
+  let userAccessToken: string
   let videoId: string
 
   before(async function () {
-    this.timeout(30000)
+    this.timeout(60000)
 
     const config = {
       rates_limit: {
@@ -34,12 +35,14 @@ describe('Test application behind a reverse proxy', function () {
     server = await createSingleServer(1, config)
     await setAccessTokensToServers([ server ])
 
+    userAccessToken = await server.users.generateUserAndToken('user')
+
     const { uuid } = await server.videos.upload()
     videoId = uuid
   })
 
   it('Should view a video only once with the same IP by default', async function () {
-    this.timeout(20000)
+    this.timeout(40000)
 
     await server.views.simulateView({ id: videoId })
     await server.views.simulateView({ id: videoId })
@@ -93,7 +96,7 @@ describe('Test application behind a reverse proxy', function () {
   it('Should rate limit logins', async function () {
     const user = { username: 'root', password: 'fail' }
 
-    for (let i = 0; i < 19; i++) {
+    for (let i = 0; i < 18; i++) {
       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
     }
 
@@ -141,6 +144,12 @@ describe('Test application behind a reverse proxy', function () {
     await server.videos.get({ id: videoId, expectedStatus: HttpStatusCode.TOO_MANY_REQUESTS_429 })
   })
 
+  it('Should rate limit API calls with a user but not with an admin', async function () {
+    await server.videos.get({ id: videoId, token: userAccessToken, expectedStatus: HttpStatusCode.TOO_MANY_REQUESTS_429 })
+
+    await server.videos.get({ id: videoId, token: server.accessToken, expectedStatus: HttpStatusCode.OK_200 })
+  })
+
   after(async function () {
     await cleanupTests([ server ])
   })