Now properly checks the lockedoutdate (#14908)

Ambertvu · Ambert van Unen · web-flow · commit f5096ba8f3a6 · 2024-01-20T01:33:11.000+01:00
* Now properly checks the lockedoutdate

* Also fix Test (failed constructor)

* Processed feedback

* Added obsolete constructor

---------

Co-authored-by: Ambert van Unen &lt;AvanUnen@ilionx.com&gt;
diff --git a/src/Umbraco.Infrastructure/Security/IdentityMapDefinition.cs b/src/Umbraco.Infrastructure/Security/IdentityMapDefinition.cs
@@ -18,6 +18,7 @@ public class IdentityMapDefinition : IMapDefinition
 {
     private readonly AppCaches _appCaches;
     private readonly IEntityService _entityService;
+    private readonly SecuritySettings _securitySettings;
     private readonly GlobalSettings _globalSettings;
     private readonly ILocalizedTextService _textService;
     private readonly ITwoFactorLoginService _twoFactorLoginService;
@@ -26,28 +27,48 @@ public IdentityMapDefinition(
         ILocalizedTextService textService,
         IEntityService entityService,
         IOptions<GlobalSettings> globalSettings,
+        IOptions<SecuritySettings> securitySettings,
         AppCaches appCaches,
         ITwoFactorLoginService twoFactorLoginService)
     {
         _textService = textService;
         _entityService = entityService;
         _globalSettings = globalSettings.Value;
+        _securitySettings = securitySettings.Value;
         _appCaches = appCaches;
         _twoFactorLoginService = twoFactorLoginService;
     }
 
+    [Obsolete("Use constructor that also takes an IOptions<SecuritySettings>. Scheduled for removal in V14")]
+    public IdentityMapDefinition(
+        ILocalizedTextService textService,
+        IEntityService entityService,
+        IOptions<GlobalSettings> globalSettings,
+        AppCaches appCaches,
+        ITwoFactorLoginService twoFactorLoginService)
+        : this(
+            textService,
+            entityService,
+            globalSettings,
+            StaticServiceProvider.Instance.GetRequiredService<IOptions<SecuritySettings>>(),
+            appCaches,
+            twoFactorLoginService)
+    {
+    }
+
     [Obsolete("Use constructor that also takes an ITwoFactorLoginService. Scheduled for removal in V12")]
     public IdentityMapDefinition(
         ILocalizedTextService textService,
         IEntityService entityService,
         IOptions<GlobalSettings> globalSettings,
         AppCaches appCaches)
         : this(
-              textService,
-              entityService,
-              globalSettings,
-              appCaches,
-              StaticServiceProvider.Instance.GetRequiredService<ITwoFactorLoginService>())
+            textService,
+            entityService,
+            globalSettings,
+            StaticServiceProvider.Instance.GetRequiredService<IOptions<SecuritySettings>>(),
+            appCaches,
+            StaticServiceProvider.Instance.GetRequiredService<ITwoFactorLoginService>())
     {
     }
 
@@ -107,7 +128,8 @@ private void Map(IUser source, BackOfficeIdentityUser target)
             source.GetUserCulture(_textService, _globalSettings).ToString(); // project CultureInfo to string
         target.IsApproved = source.IsApproved;
         target.SecurityStamp = source.SecurityStamp;
-        target.LockoutEnd = source.IsLockedOut ? DateTime.MaxValue.ToUniversalTime() : (DateTime?)null;
+        DateTime? lockedOutUntil = source.LastLockoutDate?.AddMinutes(_securitySettings.UserDefaultLockoutTimeInMinutes);
+        target.LockoutEnd = source.IsLockedOut ? (lockedOutUntil ?? DateTime.MaxValue).ToUniversalTime() : null;
     }
 
     // Umbraco.Code.MapAll -Id -LockoutEnabled -PhoneNumber -PhoneNumberConfirmed -ConcurrencyStamp -NormalizedEmail -NormalizedUserName -Roles
@@ -124,7 +146,8 @@ private void Map(IMember source, MemberIdentityUser target)
         target.PasswordConfig = source.PasswordConfiguration;
         target.IsApproved = source.IsApproved;
         target.SecurityStamp = source.SecurityStamp;
-        target.LockoutEnd = source.IsLockedOut ? DateTime.MaxValue.ToUniversalTime() : (DateTime?)null;
+        DateTime? lockedOutUntil = source.LastLockoutDate?.AddMinutes(_securitySettings.UserDefaultLockoutTimeInMinutes);
+        target.LockoutEnd = source.IsLockedOut ? (lockedOutUntil ?? DateTime.MaxValue).ToUniversalTime() : null;
         target.Comments = source.Comments;
         target.LastLockoutDateUtc = source.LastLockoutDate == DateTime.MinValue
             ? null
diff --git a/tests/Umbraco.Tests.UnitTests/Umbraco.Infrastructure/Security/MemberManagerTests.cs b/tests/Umbraco.Tests.UnitTests/Umbraco.Infrastructure/Security/MemberManagerTests.cs
@@ -43,6 +43,7 @@ public MemberManager CreateSut()
                 Mock.Of<ILocalizedTextService>(),
                 Mock.Of<IEntityService>(),
                 new TestOptionsSnapshot<GlobalSettings>(new GlobalSettings()),
+                new TestOptionsSnapshot<SecuritySettings>(new SecuritySettings()),
                 AppCaches.Disabled,
                 Mock.Of<ITwoFactorLoginService>())
         };
