Skip to content

Commit

Permalink
FIX mark a successful login attempt when completing a password reset (#…
Browse files Browse the repository at this point in the history
  • Loading branch information
wilr committed Mar 14, 2024
1 parent 8f48e9b commit ecbad65
Showing 1 changed file with 16 additions and 0 deletions.
16 changes: 16 additions & 0 deletions src/Security/MemberAuthenticator/ChangePasswordHandler.php
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
use SilverStripe\ORM\ValidationException;
use SilverStripe\Security\Authenticator;
use SilverStripe\Security\IdentityStore;
use SilverStripe\Security\LoginAttempt;
use SilverStripe\Security\Member;
use SilverStripe\Security\Security;

Expand Down Expand Up @@ -267,11 +268,26 @@ public function doChangePassword(array $data, $form)
// Clear locked out status
$member->LockedOutUntil = null;
$member->FailedLoginCount = null;

// Create a successful 'LoginAttempt' as the password is reset
$loginAttempt = LoginAttempt::create();
$loginAttempt->Status = LoginAttempt::SUCCESS;
$loginAttempt->MemberID = $member->ID;

if ($member->Email) {
$loginAttempt->setEmail($member->Email);
}

$loginAttempt->IP = $this->getRequest()->getIP();
$loginAttempt->write();

// Clear the members login hashes
$member->AutoLoginHash = null;
$member->AutoLoginExpired = DBDatetime::create()->now();
$member->write();



if ($member->canLogin()) {
$identityStore = Injector::inst()->get(IdentityStore::class);
$identityStore->logIn($member, false, $this->getRequest());
Expand Down

0 comments on commit ecbad65

Please sign in to comment.