From 75c1f677eb5d7f7580b71b18c2f707f5b5ea5e3a Mon Sep 17 00:00:00 2001
From: Will Rossiter <will.rossiter@akqa.com>
Date: Thu, 14 Mar 2024 15:09:03 +1300
Subject: [PATCH] FIX mark a successful login attempt when completing a
 password reset (#10100)

---
 .../MemberAuthenticator/ChangePasswordHandler.php  | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/src/Security/MemberAuthenticator/ChangePasswordHandler.php b/src/Security/MemberAuthenticator/ChangePasswordHandler.php
index 5aefa310e..9355f9c31 100644
--- a/src/Security/MemberAuthenticator/ChangePasswordHandler.php
+++ b/src/Security/MemberAuthenticator/ChangePasswordHandler.php
@@ -13,6 +13,7 @@ use SilverStripe\ORM\FieldType\DBField;
 use SilverStripe\ORM\ValidationException;
 use SilverStripe\Security\Authenticator;
 use SilverStripe\Security\IdentityStore;
+use SilverStripe\Security\LoginAttempt;
 use SilverStripe\Security\Member;
 use SilverStripe\Security\Security;
 
@@ -267,6 +268,19 @@ class ChangePasswordHandler extends RequestHandler
         // Clear locked out status
         $member->LockedOutUntil = null;
         $member->FailedLoginCount = null;
+
+        // Create a successful 'LoginAttempt' as the password is reset
+        $loginAttempt = LoginAttempt::create();
+        $loginAttempt->Status = LoginAttempt::SUCCESS;
+        $loginAttempt->MemberID = $member->ID;
+
+        if ($member->Email) {
+            $loginAttempt->setEmail($member->Email);
+        }
+
+        $loginAttempt->IP = $this->getRequest()->getIP();
+        $loginAttempt->write();
+
         // Clear the members login hashes
         $member->AutoLoginHash = null;
         $member->AutoLoginExpired = DBDatetime::create()->now();