Browse Source
Merge pull request #19947 from abpframework/AccessFailedAsync
Lock the user if too many incorrect 2FA code attempts.
pull/19948/head
liangshiwei
2 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with
4 additions and
0 deletions
-
modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpResourceOwnerPasswordValidator.cs
-
modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.Password.cs
|
|
|
@ -203,6 +203,8 @@ public class AbpResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator |
|
|
|
return; |
|
|
|
} |
|
|
|
|
|
|
|
await UserManager.AccessFailedAsync(user); |
|
|
|
|
|
|
|
Logger.LogInformation("Authentication failed for username: {username}, reason: InvalidAuthenticatorCode", context.UserName); |
|
|
|
context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, Localizer["InvalidAuthenticatorCode"]); |
|
|
|
} |
|
|
|
|
|
|
|
@ -206,6 +206,8 @@ public partial class TokenController |
|
|
|
return await SetSuccessResultAsync(request, user); |
|
|
|
} |
|
|
|
|
|
|
|
await UserManager.AccessFailedAsync(user); |
|
|
|
|
|
|
|
Logger.LogInformation("Authentication failed for username: {username}, reason: InvalidAuthenticatorCode", request.Username); |
|
|
|
|
|
|
|
var properties = new AuthenticationProperties(new Dictionary<string, string> |
|
|
|
|
