According to the implementation of the functionality, if a user tries to log in with an incorrect password for 5 attempts, the account should be blocked for 60 minutes.
Precondition: User is registered
Step to reproduce
Sent POST request 6 times using the example below: replace email with existing email in BD and incorrect password
curl --location 'http://0.0.0.0:8083/api/v1/auth/authenticate' \
--header 'Content-Type: application/json' \
--data-raw '{
"email": "email",
"password": "password"
}'
Expected result: error message: "The request was rejected due to an incorrect number of login attempts for the user with email='icedlate.test@gmail.com'. Try again in 60 minutes or reset your password"
Actual result: error message: "The request was rejected due to an incorrect number of login attempts for the user with email='icedlate.test@gmail.com'. Try again in 30 minutes or reset your password"
TetianaPerinha
commented
1 month ago
According to the implementation of the functionality, if a user tries to log in with an incorrect password for 5 attempts, the account should be blocked for 60 minutes.
Precondition: User is registered
Step to reproduce Sent POST request 6 times using the example below: replace email with existing email in BD and incorrect password curl --location 'http://0.0.0.0:8083/api/v1/auth/authenticate' \ --header 'Content-Type: application/json' \ --data-raw '{ "email": "email", "password": "password"
}'
Expected result: error message: "The request was rejected due to an incorrect number of login attempts for the user with email='icedlate.test@gmail.com'. Try again in 60 minutes or reset your password"
Actual result: error message: "The request was rejected due to an incorrect number of login attempts for the user with email='icedlate.test@gmail.com'. Try again in 30 minutes or reset your password"