2023-02-22 00:55:31 +00:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2022-04-06 19:58:12 +01:00
|
|
|
require 'rails_helper'
|
|
|
|
|
|
|
|
|
|
RSpec.describe SuspiciousSignInDetector do
|
|
|
|
|
describe '#suspicious?' do
|
2023-02-20 04:24:14 +00:00
|
|
|
subject { described_class.new(user).suspicious?(request) }
|
|
|
|
|
|
2022-04-06 19:58:12 +01:00
|
|
|
let(:user) { Fabricate(:user, current_sign_in_at: 1.day.ago) }
|
2023-06-22 13:55:22 +01:00
|
|
|
let(:request) { instance_double(ActionDispatch::Request, remote_ip: remote_ip) }
|
2022-04-06 19:58:12 +01:00
|
|
|
let(:remote_ip) { nil }
|
|
|
|
|
|
|
|
|
|
context 'when user has 2FA enabled' do
|
|
|
|
|
before do
|
|
|
|
|
user.update!(otp_required_for_login: true)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'returns false' do
|
|
|
|
|
expect(subject).to be false
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when exact IP has been used before' do
|
|
|
|
|
let(:remote_ip) { '1.1.1.1' }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
user.update!(sign_up_ip: remote_ip)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'returns false' do
|
|
|
|
|
expect(subject).to be false
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when similar IP has been used before' do
|
|
|
|
|
let(:remote_ip) { '1.1.2.2' }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
user.update!(sign_up_ip: '1.1.1.1')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'returns false' do
|
|
|
|
|
expect(subject).to be false
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when IP is completely unfamiliar' do
|
|
|
|
|
let(:remote_ip) { '2.2.2.2' }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
user.update!(sign_up_ip: '1.1.1.1')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'returns true' do
|
|
|
|
|
expect(subject).to be true
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
