If the login is successful, failed login count is cleared

2021-12-15 14:40:13 +08:00 · 2021-12-15 14:40:13 +08:00 · 8375885468
parent 747daab4cb
commit 8375885468
2 changed files with 12 additions and 3 deletions
--- a/admin/views/users/user/user.html
+++ b/admin/views/users/user/user.html
@ -36,7 +36,7 @@
 												<a class="btn btn-primary btn-rounded btn-xs" ng-click="editUser(user)" >{{'SETTING.EDIT' | translate}}</a>
 												<a ng-hide="user.name=='administrator'" class="btn btn-info btn-rounded btn-xs" ng-click="resetPassword(user)" >{{'USER.RESET_PASSWORD' | translate}}</a>
 												<a ng-hide="user.name=='administrator'" ng-click="deleteUser(user)" class="btn btn-danger btn-rounded btn-xs" >{{'SETTING.DELETE' | translate}}</a>
-												<a ng-hide="user.name=='administrator'" ng-click="unlockUser(user)" class="btn btn-danger btn-rounded btn-xs" >{{'SETTING.UNLOCK' | translate}}</a>
+												<a ng-hide="user.failed_login_count < 3" ng-click="unlockUser(user)" class="btn btn-danger btn-rounded btn-xs" >{{'SETTING.UNLOCK' | translate}}</a>
 											</td>
 										</tr>
 									</tbody>
--- a/myems-api/core/user.py
+++ b/myems-api/core/user.py
@ -27,7 +27,7 @@ class UserCollection:
        cursor = cnx.cursor()
        query = (" SELECT u.id, u.name, u.display_name, u.uuid, "
                 "        u.email, u.is_admin, p.id, p.name, "
-                 "        u.account_expiration_datetime_utc, u.password_expiration_datetime_utc "
+                 "        u.account_expiration_datetime_utc, u.password_expiration_datetime_utc, u.failed_login_count "
                 " FROM tbl_users u "
                 " LEFT JOIN tbl_privileges p ON u.privilege_id = p.id "
                 " ORDER BY u.name ")
@ -59,7 +59,8 @@ class UserCollection:
                               "account_expiration_datetime":
                                   account_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S'),
                               "password_expiration_datetime":
-                                   password_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S')}
+                                   password_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S'),
+                               "failed_login_count": row[10]}
                result.append(meta_result)

        resp.text = json.dumps(result)
@ -523,6 +524,14 @@ class UserLogin:
            cnx.disconnect()
            raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.INVALID_PASSWORD')

+        if failed_login_count != 0:
+            update_failed_login_count = (" UPDATE tbl_users "
+                                         " SET failed_login_count = 0 "
+                                         " WHERE uuid = %s ")
+            user_uuid = result['uuid']
+            cursor.execute(update_failed_login_count, (user_uuid, ))
+            cnx.commit()
+
        if result['account_expiration_datetime_utc'] <= datetime.utcnow():
            cursor.close()
            cnx.disconnect()