From e21e2f1510f5f6b1d590f1e7473c70fc84b351be Mon Sep 17 00:00:00 2001 From: Abdullah Atta Date: Tue, 5 Mar 2024 10:10:47 +0500 Subject: [PATCH] identity: fix no error being showed if user is locked out --- .../Validation/MFAPasswordGrantValidator.cs | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/Streetwriters.Identity/Validation/MFAPasswordGrantValidator.cs b/Streetwriters.Identity/Validation/MFAPasswordGrantValidator.cs index b00d95c..c9a1ed8 100644 --- a/Streetwriters.Identity/Validation/MFAPasswordGrantValidator.cs +++ b/Streetwriters.Identity/Validation/MFAPasswordGrantValidator.cs @@ -87,18 +87,20 @@ namespace Streetwriters.Identity.Validation if (user == null) return; var result = await SignInManager.CheckPasswordSignInAsync(user, password, true); - if (!result.Succeeded) - { - await EmailSender.SendFailedLoginAlertAsync(user.Email, httpContext.GetClientInfo(), client).ConfigureAwait(false); - return; - } - else if (result.IsLockedOut) + + if (result.IsLockedOut) { var timeLeft = user.LockoutEnd - DateTimeOffset.Now; context.Result = new LockedOutValidationResult(timeLeft); return; } + if (!result.Succeeded) + { + await EmailSender.SendFailedLoginAlertAsync(user.Email, httpContext.GetClientInfo(), client).ConfigureAwait(false); + return; + } + var sub = await UserManager.GetUserIdAsync(user); context.Result = new GrantValidationResult(sub, AuthenticationMethods.Password); }