Skip to content

Commit

Permalink
FIX mark a successful login attempt when completing a password reset (s…
Browse files Browse the repository at this point in the history
  • Loading branch information
wilr committed Jun 5, 2024
1 parent 8f48e9b commit 9361382
Showing 1 changed file with 16 additions and 0 deletions.
16 changes: 16 additions & 0 deletions src/Security/MemberAuthenticator/ChangePasswordHandler.php
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
use SilverStripe\ORM\ValidationException;
use SilverStripe\Security\Authenticator;
use SilverStripe\Security\IdentityStore;
use SilverStripe\Security\LoginAttempt;
use SilverStripe\Security\Member;
use SilverStripe\Security\Security;

Expand Down Expand Up @@ -267,6 +268,21 @@ public function doChangePassword(array $data, $form)
// Clear locked out status
$member->LockedOutUntil = null;
$member->FailedLoginCount = null;

// Create a successful 'LoginAttempt' as the password is reset
if (Security::config()->get('login_recording')) {
$loginAttempt = LoginAttempt::create();
$loginAttempt->Status = LoginAttempt::SUCCESS;
$loginAttempt->MemberID = $member->ID;

if ($member->Email) {
$loginAttempt->setEmail($member->Email);
}

$loginAttempt->IP = $this->getRequest()->getIP();
$loginAttempt->write();
}

// Clear the members login hashes
$member->AutoLoginHash = null;
$member->AutoLoginExpired = DBDatetime::create()->now();
Expand Down

0 comments on commit 9361382

Please sign in to comment.