mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 12:05:37 +00:00
Reset FailedLoginCount on successful password reset
parent
41cdacba06
commit
c047a7b990
@ -105,6 +105,11 @@ class ChangePasswordForm extends Form {
|
|||||||
// TODO Add confirmation message to login redirect
|
// TODO Add confirmation message to login redirect
|
||||||
Session::clear('AutoLoginHash');
|
Session::clear('AutoLoginHash');
|
||||||
|
|
||||||
|
// Clear locked out status
|
||||||
|
$member->LockedOutUntil = null;
|
||||||
|
$member->FailedLoginCount = null;
|
||||||
|
$member->write();
|
||||||
|
|
||||||
if (isset($_REQUEST['BackURL'])
|
if (isset($_REQUEST['BackURL'])
|
||||||
&& $_REQUEST['BackURL']
|
&& $_REQUEST['BackURL']
|
||||||
// absolute redirection URLs may cause spoofing
|
// absolute redirection URLs may cause spoofing
|
||||||
|
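Review bot: `$member->FailedLoginCount = null;` clears the counter with null, while the accompanying test expects `0` and passes only through the loose comparison in `assertEquals`. Writing `$member->FailedLoginCount = 0;` keeps the stored value an integer and unambiguous for any code that compares the counter against a threshold. Because this block lifts an account lockout, it should run only after the new password has been validated and saved; the condition guarding these lines is outside the hunk, so that is worth confirming. A short comment such as `// A completed password change proves control of the account, so lift any lockout` would record why the reset is safe here.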
@ -213,6 +213,9 @@ class SecurityTest extends FunctionalTest {
|
|||||||
|
|
||||||
public function testChangePasswordFromLostPassword() {
|
public function testChangePasswordFromLostPassword() {
|
||||||
$admin = $this->objFromFixture('Member', 'test');
|
$admin = $this->objFromFixture('Member', 'test');
|
||||||
|
$admin->FailedLoginCount = 99;
|
||||||
|
$admin->LockedOutUntil = SS_Datetime::now()->Format('Y-m-d H:i:s');
|
||||||
|
$admin->write();
|
||||||
|
|
||||||
$this->assertNull($admin->AutoLoginHash, 'Hash is empty before lost password');
|
$this->assertNull($admin->AutoLoginHash, 'Hash is empty before lost password');
|
||||||
|
|
||||||
@ -243,6 +246,10 @@ class SecurityTest extends FunctionalTest {
|
|||||||
$goodResponse = $this->doTestLoginForm('sam@silverstripe.com' , 'changedPassword');
|
$goodResponse = $this->doTestLoginForm('sam@silverstripe.com' , 'changedPassword');
|
||||||
$this->assertEquals(302, $goodResponse->getStatusCode());
|
$this->assertEquals(302, $goodResponse->getStatusCode());
|
||||||
$this->assertEquals($this->idFromFixture('Member', 'test'), $this->session()->inst_get('loggedInAs'));
|
$this->assertEquals($this->idFromFixture('Member', 'test'), $this->session()->inst_get('loggedInAs'));
|
||||||
|
|
||||||
|
$admin = DataObject::get_by_id('Member', $admin->ID, false);
|
||||||
|
$this->assertNull($admin->LockedOutUntil);
|
||||||
|
$this->assertEquals(0, $admin->FailedLoginCount);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRepeatedLoginAttemptsLockingPeopleOut() {
|
public function testRepeatedLoginAttemptsLockingPeopleOut() {
|
||||||
|
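Review bot: The new assertions at the end of testChangePasswordFromLostPassword run only after the successful `doTestLoginForm` call, and the setup puts `LockedOutUntil` at the current time, so the lock has probably expired before that login is attempted. The test may therefore pass even if the form never clears the lockout. Setting a future expiry, e.g. `$admin->LockedOutUntil = date('Y-m-d H:i:s', time() + 3600);`, and reloading the member to assert directly after the password change would tie the result to the form itself. `assertEquals(0, $admin->FailedLoginCount)` also accepts null; `assertSame(0, (int) $admin->FailedLoginCount)` or an explicit null check would pin the stored value. The method spans both hunks, and the password-change steps between them are not shown.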