Merge remote-tracking branch 'upstream/master' into zope4py2

12bb7b37 · Jérome Perrin · c71a47c8 · f3dc7d8b · 12bb7b37
Commit 12bb7b37 authored Sep 27, 2022 by Jérome Perrin
Show whitespace changes
Inline Side-by-side

Showing with 6 additions and 1 deletion

product/ERP5Security/ERP5LoginUserManager.py product/ERP5Security/ERP5LoginUserManager.py +6 -1

No files found.
--- a/product/ERP5Security/ERP5LoginUserManager.py
+++ b/product/ERP5Security/ERP5LoginUserManager.py
@@ -27,6 +27,7 @@
 ##############################################################################
 from functools import partial
 from Products.ERP5Type.Globals import InitializeClass
+from Products.ERP5Type.TransactionalVariable import getTransactionalVariable
 from AccessControl import ClassSecurityInfo
 from AccessControl.AuthEncoding import pw_validate
 from Products.PageTemplates.PageTemplateFile import PageTemplateFile
@@ -132,7 +133,11 @@ class ERP5LoginUserManager(BasePlugin):
          or login_password is None
          or not pw_validate(login_password, password)):
        if is_authentication_policy_enabled:
+          tv = getTransactionalVariable()
+          login_failure_key = 'notified_login_failure_' + login_value.getRelativeUrl()
+          if tv.get(login_failure_key) is None:
            login_value.notifyLoginFailure()
+            tv[login_failure_key] = 1
        return
    if is_authentication_policy_enabled:
      if login_value.isPasswordExpired():