count with same email and ip address
mrkeksz committed Dec 21, 2023
1 parent 1755025 commit 3b1df36
Showing 4 changed files with 96 additions and 81 deletions.
Expand Up @@ -37,7 +37,10 @@ export class EmailVerificationSendingLimitService {
private async getSendingAttemptsCount(senderIp: string, email: string): Promise<number> {
const timeThreshold = new Date(Date.now() - this.lifetimeMilliseconds)
const sendingAttemptsCount = await this.sendingAttemptRepository.count({
where: {senderIp, createdAt: MoreThan(timeThreshold)},
where: [
{senderIp, createdAt: MoreThan(timeThreshold)},
{email, createdAt: MoreThan(timeThreshold)},
],
take: this.maxSendingAttempts,
cache: false,
})
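Review bot: The added `{email, createdAt: MoreThan(timeThreshold)}` branch compares the address exactly as passed in, so the per-address limit is only as strong as the canonicalisation done before `email` is stored and before it reaches `getSendingAttemptsCount`. That step is not visible in this hunk and should be confirmed (trimmed and lower-cased at minimum), otherwise case variants of one mailbox are counted separately. The array form is an OR in TypeORM, which deserves a comment above `where: [`, for example `// OR: count attempts from this IP or to this address within the window`. The method's doc comment should also record that a per-address budget can be used up by requests from other clients, so the legitimate owner may be refused a code for the window; that is a reasonable trade-off against mail flooding but should be a stated decision. The method continues past the end of the hunk.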
74 changes: 0 additions & 74 deletions src/interceptors/timeout.interceptor.spec.ts

This file was deleted.

Expand Up @@ -130,7 +130,7 @@ describe('sendVerificationCodeToEmail', () => {
})
})

it('should throw an error if sending attempts limit exceeded', async () => {
it('should throw an error if sending attempts limit exceeded with same ip', async () => {
const emailVerificationCodeSendingAttemptRepository = app.get(
getRepositoryToken(EmailVerificationCodeSendingAttempt),
)
Expand Down Expand Up @@ -175,6 +175,96 @@ describe('sendVerificationCodeToEmail', () => {
expect(emailVerificationCodeSendingAttempts).toEqual([attempt1, attempt2, attempt3])
})

it('should throw an error if sending attempts limit exceeded with same email', async () => {
const email = '[email protected]'

const emailVerificationCodeSendingAttemptRepository = app.get(
getRepositoryToken(EmailVerificationCodeSendingAttempt),
)
const attempt1 = await emailVerificationCodeSendingAttemptRepository.save({
email,
senderIp: '::ffff:127.0.0.2',
})
const attempt2 = await emailVerificationCodeSendingAttemptRepository.save({
email,
senderIp: '::ffff:127.0.0.3',
})
const attempt3 = await emailVerificationCodeSendingAttemptRepository.save({
email,
senderIp: '::ffff:127.0.0.4',
})

const result = await gqlService.sendRequest({
queryType: 'mutation',
query: {
operation: 'sendVerificationCodeToEmail',
variables: {email: {type: 'String!', value: email}},
},
})

expect(result.body).toEqual({
errors: [
{
message:
'You have exceeded the limit of email verification requests for the last 10 minutes.',
locations: [{line: 2, column: 7}],
path: ['sendVerificationCodeToEmail'],
code: 'FORBIDDEN',
},
],
data: null,
})

const emailVerificationCodeSendingAttempts =
await emailVerificationCodeSendingAttemptRepository.find({order: {createdAt: 'ASC'}})
expect(emailVerificationCodeSendingAttempts).toHaveLength(3)
expect(emailVerificationCodeSendingAttempts).toEqual([attempt1, attempt2, attempt3])
})

it('should throw an error if sending attempts limit exceeded with same email and ip', async () => {
const emailVerificationCodeSendingAttemptRepository = app.get(
getRepositoryToken(EmailVerificationCodeSendingAttempt),
)
const attempt1 = await emailVerificationCodeSendingAttemptRepository.save({
email: '[email protected]',
senderIp: '::ffff:127.0.0.1',
})
const attempt2 = await emailVerificationCodeSendingAttemptRepository.save({
email: '[email protected]',
senderIp: '::ffff:127.0.0.2',
})
const attempt3 = await emailVerificationCodeSendingAttemptRepository.save({
email: '[email protected]',
senderIp: '::ffff:127.0.0.1',
})

const result = await gqlService.sendRequest({
queryType: 'mutation',
query: {
operation: 'sendVerificationCodeToEmail',
variables: {email: {type: 'String!', value: '[email protected]'}},
},
})

expect(result.body).toEqual({
errors: [
{
message:
'You have exceeded the limit of email verification requests for the last 10 minutes.',
locations: [{line: 2, column: 7}],
path: ['sendVerificationCodeToEmail'],
code: 'FORBIDDEN',
},
],
data: null,
})

const emailVerificationCodeSendingAttempts =
await emailVerificationCodeSendingAttemptRepository.find({order: {createdAt: 'ASC'}})
expect(emailVerificationCodeSendingAttempts).toHaveLength(3)
expect(emailVerificationCodeSendingAttempts).toEqual([attempt1, attempt2, attempt3])
})

it('should throw InternalServerError', async () => {
const emailVerificationSendingLimitService = app.get(EmailVerificationSendingLimitService)
jest
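Review bot: Both new cases exercise only the refusal path, which an OR filter would pass even if it counted too many rows. They need a companion case in which three recent attempts share neither the requester's IP nor the requested address and the mutation still succeeds, plus one in which same-address attempts are older than the window; such cases may already exist in parts of the file not shown here. In the 'same email and ip' case the address literals are masked on this page, so which rows are meant to match by address and which by IP cannot be checked from here; a short comment on each saved attempt, e.g. `// matches by IP only`, would make the intent readable. The refusal cases also repeat the same expected error body, which could be a shared constant.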
6 changes: 1 addition & 5 deletions test/email-verification/gql-verify-email-code.e2e-spec.ts
Expand Up @@ -890,11 +890,6 @@ describe('VerifyEmailCode', () => {
)
jest
.spyOn(inputLimitService, 'enforceEmailVerificationInputLimit')
.mockImplementation(async () => {})

const emailVerificationService = app.get(EmailVerificationService)
jest
.spyOn(emailVerificationService, 'verifyEmail')
.mockImplementation(() => new Promise(resolve => setTimeout(resolve, 1)))

const result = await gqlService.sendRequest({
Expand Down Expand Up @@ -1018,6 +1013,7 @@ describe('VerifyEmailCode', () => {
app.get(getRepositoryToken(EmailVerificationCodeInputAttempt))
const emailVerificationCodeInputAttempts =
await emailVerificationCodeInputAttemptRepository.find()
expect(emailVerificationCodeInputAttempts.length).toEqual(1)
expect(emailVerificationCodeInputAttempts).toEqual([
{
id: expect.any(String),
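Review bot: The added `expect(emailVerificationCodeInputAttempts.length).toEqual(1)` would read better as `expect(emailVerificationCodeInputAttempts).toHaveLength(1)`, which matches the `toHaveLength(3)` assertions in the other spec changed by this commit. If the `toEqual([...])` that follows lists exactly one element (it continues past the hunk), it already fixes the length and the new line is redundant. In the first hunk the page does not mark which five lines were dropped, so it is worth confirming that the remaining delayed `mockImplementation` is attached to the spy the test intends to slow down.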
