suspicious_sign_in_detector_spec.rb 1.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657
  1. require 'rails_helper'
  2. RSpec.describe SuspiciousSignInDetector do
  3. describe '#suspicious?' do
  4. let(:user) { Fabricate(:user, current_sign_in_at: 1.day.ago) }
  5. let(:request) { double(remote_ip: remote_ip) }
  6. let(:remote_ip) { nil }
  7. subject { described_class.new(user).suspicious?(request) }
  8. context 'when user has 2FA enabled' do
  9. before do
  10. user.update!(otp_required_for_login: true)
  11. end
  12. it 'returns false' do
  13. expect(subject).to be false
  14. end
  15. end
  16. context 'when exact IP has been used before' do
  17. let(:remote_ip) { '1.1.1.1' }
  18. before do
  19. user.update!(sign_up_ip: remote_ip)
  20. end
  21. it 'returns false' do
  22. expect(subject).to be false
  23. end
  24. end
  25. context 'when similar IP has been used before' do
  26. let(:remote_ip) { '1.1.2.2' }
  27. before do
  28. user.update!(sign_up_ip: '1.1.1.1')
  29. end
  30. it 'returns false' do
  31. expect(subject).to be false
  32. end
  33. end
  34. context 'when IP is completely unfamiliar' do
  35. let(:remote_ip) { '2.2.2.2' }
  36. before do
  37. user.update!(sign_up_ip: '1.1.1.1')
  38. end
  39. it 'returns true' do
  40. expect(subject).to be true
  41. end
  42. end
  43. end
  44. end