public function testShouldRefuseMultipleRequestsInShortInterval()
{
$user_data = UserFactory::generateUser();
$r = new Request(array('email' => $user_data['email']));
$response = ResetController::apiCreate($r);
try {
ResetController::apiCreate($r);
} catch (InvalidParameterException $expected) {
$message = $expected->getMessage();
}
$this->assertEquals('passwordResetMinWait', $message);
// time travel
$reset_sent_at = ApiUtils::GetStringTime(time() - PASSWORD_RESET_MIN_WAIT - 1);
$user = UsersDAO::FindByEmail($user_data['email']);
$user->setResetSentAt($reset_sent_at);
UsersDAO::save($user);
ResetController::apiCreate($r);
}
public function testShouldLogInWithNewPassword()
{
$user_data = UserFactory::generateUser();
$r = new Request(array('email' => $user_data['email']));
$create_response = ResetController::apiCreate($r);
$reset_token = $create_response['token'];
$user_data['reset_token'] = $reset_token;
$new_password = '******';
$user_data['password'] = $new_password;
$user_data['password_confirmation'] = $new_password;
$r = new Request($user_data);
$user = UsersDAO::FindByEmail($user_data['email']);
ResetController::apiUpdate($r);
$user->password = $new_password;
$this->login($user);
}
