abuse/tests/Abuse/Base.php at 96b8499af0d0c3c3fef9b8456bae62322da78dd7 · utopia-php/abuse · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
<?php

namespace Utopia\Tests;

use PHPUnit\Framework\TestCase;
use Utopia\Abuse\Abuse;
use Utopia\Abuse\Adapters\TimeLimit;

abstract class Base extends TestCase
{
    abstract public function getAdapter(string $key, int $limit, int $seconds): TimeLimit;

    /**
     * Test a static key with a limit of 2 requests per second
     */
    public function testStaticKey(): void
    {
        $adapter = $this->getAdapter('static-key', 2, 1);
        $abuse = new Abuse($adapter);
        $this->assertSame($abuse->check(), false);
        $this->assertSame($abuse->check(), false);
        $this->assertSame($abuse->check(), true);
    }

    /**
     * Test a dynamic key with a limit of 2 requests per second
     */
    public function testDynamicKey(): void
    {
        $adapter = $this->getAdapter('dynamic-key-{{ip}}', 2, 1);
        $adapter->setParam('{{ip}}', '0.0.0.10');
        $abuse = new Abuse($adapter);
        $this->assertSame($abuse->check(), false);
        $this->assertSame($abuse->check(), false);
        $this->assertSame($abuse->check(), true);
    }

    /**
     * Test a dynamic key with 2 params
     */
    public function testDynamicKeyWith2Params(): void
    {
        $adapter = $this->getAdapter('two-params-{{ip}}-{{email}}', 2, 1);
        $adapter->setParam('{{ip}}', '0.0.0.10');
        $adapter->setParam('{{email}}', 'test@test.com');
        $abuse = new Abuse($adapter);
        $this->assertSame($abuse->check(), false);
        $this->assertSame($abuse->check(), false);
        $this->assertSame($abuse->check(), true);
    }

    /**
     * Test a dynamic key with higher request rate like 10 requests per second
     */
    public function testDynamicKeyFastRequests(): void
    {
        $adapter = $this->getAdapter('fast-requests-{{ip}}', 10, 1);
        $adapter->setParam('{{ip}}', '0.0.0.10');
        $abuse = new Abuse($adapter);
        for ($i = 0; $i < 10; $i++) {
            $this->assertSame($abuse->check(), false);
        }
        $this->assertSame($abuse->check(), true);
    }

    /**
     * Test that the limit is reset after the time limit
     */
    public function testLimitReset(): void
    {
        $adapter = $this->getAdapter('limit-reset-{{ip}}', 10, 2);
        $adapter->setParam('{{ip}}', '127.0.0.1');
        $abuse = new Abuse($adapter);
        for ($i = 0; $i < 10; $i++) {
            $this->assertSame($abuse->check(), false);
        }
        $this->assertSame($abuse->check(), true);

        // Wait for the limit to reset
        sleep(2);

        /** Seems to be a bug in the code where if use the same adapter, it caches the result of the previous check */
        $adapter = $this->getAdapter('limit-reset-{{ip}}', 10, 1);
        $adapter->setParam('{{ip}}', '127.0.0.1');
        $abuse = new Abuse($adapter);
        $this->assertSame($abuse->check(), false);
    }

    /**
     * Verify that the time format is correct
     */
    public function testTimeFormat(): void
    {
        $now = time();
        $adapter = $this->getAdapter('', 1, 1);
        $this->assertSame($adapter->time(), $now);
        $this->assertSame(true, \is_int($adapter->time()));
    }
}