FIX mark a successful login attempt when completing a password reset (#10099)

This commit is contained in:
Will Rossiter 2024-03-14 15:09:03 +13:00 committed by Will Rossiter
parent 8f48e9bd71
commit 9361382be3
No known key found for this signature in database
GPG Key ID: 7FD2A809B22259EF

View File

@ -13,6 +13,7 @@ use SilverStripe\ORM\FieldType\DBField;
use SilverStripe\ORM\ValidationException; use SilverStripe\ORM\ValidationException;
use SilverStripe\Security\Authenticator; use SilverStripe\Security\Authenticator;
use SilverStripe\Security\IdentityStore; use SilverStripe\Security\IdentityStore;
use SilverStripe\Security\LoginAttempt;
use SilverStripe\Security\Member; use SilverStripe\Security\Member;
use SilverStripe\Security\Security; use SilverStripe\Security\Security;
@ -267,6 +268,21 @@ class ChangePasswordHandler extends RequestHandler
// Clear locked out status // Clear locked out status
$member->LockedOutUntil = null; $member->LockedOutUntil = null;
$member->FailedLoginCount = null; $member->FailedLoginCount = null;
// Create a successful 'LoginAttempt' as the password is reset
if (Security::config()->get('login_recording')) {
$loginAttempt = LoginAttempt::create();
$loginAttempt->Status = LoginAttempt::SUCCESS;
$loginAttempt->MemberID = $member->ID;
if ($member->Email) {
$loginAttempt->setEmail($member->Email);
}
$loginAttempt->IP = $this->getRequest()->getIP();
$loginAttempt->write();
}
// Clear the members login hashes // Clear the members login hashes
$member->AutoLoginHash = null; $member->AutoLoginHash = null;
$member->AutoLoginExpired = DBDatetime::create()->now(); $member->AutoLoginExpired = DBDatetime::create()->now();