Merge pull request #2112 from JangoCG/feature/rate-limit-join-codes

feat: protect join codes from brute-force attacks
This commit is contained in:
Jorge Manrubia
2025-12-14 09:43:28 +01:00
committed by GitHub
2 changed files with 9 additions and 0 deletions
@@ -94,4 +94,12 @@ class JoinCodesControllerTest < ActionDispatch::IntegrationTest
assert_response :unprocessable_entity
end
end
test "create is rate limited" do
Rails.cache.stubs(:increment).returns(11)
post join_path(code: @join_code.code, script_name: @account.slug), params: { email_address: "test@example.com" }
assert_response :too_many_requests
end
end