IdentityServer / IdentityServer3.AspNetIdentity

ASP.NET Identity support for Thinktecture IdentityServer3
Apache License 2.0
64 stars 51 forks source link

When SupportsUserLockout is enabled, Failed Access Count is not reset on successful CheckPassword #17

Closed cortex93 closed 9 years ago

cortex93 commented 10 years ago

Something like

if (userManager.SupportsUserLockout)
    await userManager.ResetAccessFailedCountAsync(user.Id);

is not done before returning AuthenticateResult if CheckPasswordAsync returns true.

brockallen commented 10 years ago

Good catch. Thx.

brockallen commented 9 years ago

Looks like I added this at some point, but never closed this issue. Can you look at the code and confirm? Thanks.

cortex93 commented 9 years ago

Yes, you did.