From 19b38f2fb81cc01f7bb109f86324d5dd9cada992 Mon Sep 17 00:00:00 2001
From: baozhoutao <baozhoutao@hotoa.com>
Date: Sat, 7 Oct 2023 19:10:58 +0800
Subject: [PATCH] =?UTF-8?q?=E8=BF=87=E4=BA=86=E9=94=81=E5=AE=9A=E6=97=B6?=
 =?UTF-8?q?=E9=97=B4=E5=90=8E,=20=E9=87=8D=E7=BD=AE=E5=AF=86=E7=A0=81?=
 =?UTF-8?q?=E9=94=99=E8=AF=AF=E6=AC=A1=E6=95=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

https://github.com/steedos/steedos-project-hbport/issues/473
---
 packages/accounts/src/password/accounts-password.ts | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/packages/accounts/src/password/accounts-password.ts b/packages/accounts/src/password/accounts-password.ts
index 12f8e5397a..54bd567d15 100644
--- a/packages/accounts/src/password/accounts-password.ts
+++ b/packages/accounts/src/password/accounts-password.ts
@@ -777,8 +777,13 @@ export default class AccountsPassword implements AuthenticationService {
     if (!isPasswordValid) {
       if(!saas){
         const userProfile = await this.getUserProfile(foundUser.id);
-
-        await this.db.updateUser(foundUser.id, {$inc: {login_failed_number: 1}});
+        const login_failed_lockout_time = foundUser.login_failed_lockout_time;
+        // 重置密码错误次数
+        if(userProfile.lockout_interval !=0 && moment(login_failed_lockout_time).isBefore(new Date())){
+          await this.db.updateUser(foundUser.id, {$set: {login_failed_number: 1}});
+        }else{
+          await this.db.updateUser(foundUser.id, {$inc: {login_failed_number: 1}});
+        }
 
         const user: any = await this.db.findUserById(foundUser.id);
         if(user.login_failed_number >= userProfile.max_login_attempts){