Merge pull request #17362 from abpframework/issue-17361

Correctly output `security logs` in `OpenIddict's` controller.
3 years ago · a3c2b1652e
1 changed files with 8 additions and 8 deletions
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.Password.cs
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.Password.cs
@ -96,6 +96,14 @@ public partial class TokenController
                var result = await SignInManager.CheckPasswordSignInAsync(user, request.Password, true);
                if (!result.Succeeded)
                {
+                    await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext
+                    {
+                        Identity = OpenIddictSecurityLogIdentityConsts.OpenIddict,
+                        Action = result.ToIdentitySecurityLogAction(),
+                        UserName = request.Username,
+                        ClientId = request.ClientId
+                    });
+
                    string errorDescription;
                    if (result.IsLockedOut)
                    {
@ -138,14 +146,6 @@ public partial class TokenController
                    return await HandleTwoFactorLoginAsync(request, user);
                }

-                await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext
-                {
-                    Identity = OpenIddictSecurityLogIdentityConsts.OpenIddict,
-                    Action = result.ToIdentitySecurityLogAction(),
-                    UserName = request.Username,
-                    ClientId = request.ClientId
-                });
-
                return await SetSuccessResultAsync(request, user);
            }
        }