Merge 75c1f677eb into e468b719cf

FIX mark a successful login attempt when completing a password reset (#10100 )
2024-05-07 05:30:36 +12:00 · 2024-03-14 15:21:25 +13:00
1 changed files with 14 additions and 0 deletions
--- a/src/Security/MemberAuthenticator/ChangePasswordHandler.php
+++ b/src/Security/MemberAuthenticator/ChangePasswordHandler.php
@ -13,6 +13,7 @@ use SilverStripe\ORM\FieldType\DBField;
 use SilverStripe\ORM\ValidationException;
 use SilverStripe\Security\Authenticator;
 use SilverStripe\Security\IdentityStore;
+use SilverStripe\Security\LoginAttempt;
 use SilverStripe\Security\Member;
 use SilverStripe\Security\Security;

@ -267,6 +268,19 @@ class ChangePasswordHandler extends RequestHandler
        // Clear locked out status
        $member->LockedOutUntil = null;
        $member->FailedLoginCount = null;
+
+        // Create a successful 'LoginAttempt' as the password is reset
+        $loginAttempt = LoginAttempt::create();
+        $loginAttempt->Status = LoginAttempt::SUCCESS;
+        $loginAttempt->MemberID = $member->ID;
+
+        if ($member->Email) {
+            $loginAttempt->setEmail($member->Email);
+        }
+
+        $loginAttempt->IP = $this->getRequest()->getIP();
+        $loginAttempt->write();
+
        // Clear the members login hashes
        $member->AutoLoginHash = null;
        $member->AutoLoginExpired = DBDatetime::create()->now();
Author	SHA1	Message	Date
Will Rossiter	615e368e19	Merge `75c1f677eb` into `e468b719cf`	2024-05-07 05:30:36 +12:00
Will Rossiter	75c1f677eb	FIX mark a successful login attempt when completing a password reset (#10100 )	2024-03-14 15:21:25 +13:00