tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

FIX mark a successful login attempt when completing a password reset (#10099)

Browse Source
This commit is contained in:
Will Rossiter 2024-03-14 15:09:03 +13:00 committed by Will Rossiter
parent 8f48e9bd71
commit 9361382be3
No known key found for this signature in database
GPG Key ID: 7FD2A809B22259EF
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/Security/MemberAuthenticator/ChangePasswordHandler.php
View File

@ -13,6 +13,7 @@ use SilverStripe\ORM\FieldType\DBField;
use SilverStripe\ORM\ValidationException;
use SilverStripe\Security\Authenticator;
use SilverStripe\Security\IdentityStore;
use SilverStripe\Security\LoginAttempt;
use SilverStripe\Security\Member;
use SilverStripe\Security\Security;
@ -267,6 +268,21 @@ class ChangePasswordHandler extends RequestHandler
// Clear locked out status
$member->LockedOutUntil = null;
$member->FailedLoginCount = null;
// Create a successful 'LoginAttempt' as the password is reset
if (Security::config()->get('login_recording')) {
$loginAttempt = LoginAttempt::create();
$loginAttempt->Status = LoginAttempt::SUCCESS;
$loginAttempt->MemberID = $member->ID;
if ($member->Email) {
$loginAttempt->setEmail($member->Email);
}
$loginAttempt->IP = $this->getRequest()->getIP();
$loginAttempt->write();
}
// Clear the members login hashes
$member->AutoLoginHash = null;
$member->AutoLoginExpired = DBDatetime::create()->now();