From 83758854681c7be2c102dabc1de7df2a19d1f8d5 Mon Sep 17 00:00:00 2001
From: Caozhenhui <823914102@qq.com>
Date: Wed, 15 Dec 2021 14:40:13 +0800
Subject: [PATCH] If the login is successful, failed login count is cleared

---
 admin/views/users/user/user.html |  2 +-
 myems-api/core/user.py           | 13 +++++++++++--
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/admin/views/users/user/user.html b/admin/views/users/user/user.html
index 41c399bc..eae9dd2d 100644
--- a/admin/views/users/user/user.html
+++ b/admin/views/users/user/user.html
@@ -36,7 +36,7 @@
 												<a class="btn btn-primary btn-rounded btn-xs" ng-click="editUser(user)" >{{'SETTING.EDIT' | translate}}</a>
 												<a ng-hide="user.name=='administrator'" class="btn btn-info btn-rounded btn-xs" ng-click="resetPassword(user)" >{{'USER.RESET_PASSWORD' | translate}}</a>
 												<a ng-hide="user.name=='administrator'" ng-click="deleteUser(user)" class="btn btn-danger btn-rounded btn-xs" >{{'SETTING.DELETE' | translate}}</a>
-												<a ng-hide="user.name=='administrator'" ng-click="unlockUser(user)" class="btn btn-danger btn-rounded btn-xs" >{{'SETTING.UNLOCK' | translate}}</a>
+												<a ng-hide="user.failed_login_count < 3" ng-click="unlockUser(user)" class="btn btn-danger btn-rounded btn-xs" >{{'SETTING.UNLOCK' | translate}}</a>
 											</td>
 										</tr>
 									</tbody>
diff --git a/myems-api/core/user.py b/myems-api/core/user.py
index 69df28de..fae74f6a 100644
--- a/myems-api/core/user.py
+++ b/myems-api/core/user.py
@@ -27,7 +27,7 @@ class UserCollection:
         cursor = cnx.cursor()
         query = (" SELECT u.id, u.name, u.display_name, u.uuid, "
                  "        u.email, u.is_admin, p.id, p.name, "
-                 "        u.account_expiration_datetime_utc, u.password_expiration_datetime_utc "
+                 "        u.account_expiration_datetime_utc, u.password_expiration_datetime_utc, u.failed_login_count "
                  " FROM tbl_users u "
                  " LEFT JOIN tbl_privileges p ON u.privilege_id = p.id "
                  " ORDER BY u.name ")
@@ -59,7 +59,8 @@ class UserCollection:
                                "account_expiration_datetime":
                                    account_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S'),
                                "password_expiration_datetime":
-                                   password_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S')}
+                                   password_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S'),
+                               "failed_login_count": row[10]}
                 result.append(meta_result)
 
         resp.text = json.dumps(result)
@@ -523,6 +524,14 @@ class UserLogin:
             cnx.disconnect()
             raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.INVALID_PASSWORD')
 
+        if failed_login_count != 0:
+            update_failed_login_count = (" UPDATE tbl_users "
+                                         " SET failed_login_count = 0 "
+                                         " WHERE uuid = %s ")
+            user_uuid = result['uuid']
+            cursor.execute(update_failed_login_count, (user_uuid, ))
+            cnx.commit()
+
         if result['account_expiration_datetime_utc'] <= datetime.utcnow():
             cursor.close()
             cnx.disconnect()