failed to add a db record after auth failure

[jcherrabi]

Thank you for sharing,
i think i hit a bug...
if you simulate a failed login, and then log in successfully you will notice that no record was added due to the authentication throttling.

a normal behavior should be add a record if the type status changes regardless of throttling time, as this is a new state and should be logged.. so right now after a failed login, i do not get a successful log recorded.

the fix is as follow:
add this && $login['type'] == Login::TYPE_LOGIN to the if statement as shown below in the:
AuthChecker.php file
if (isset($login->created_at) && $login->created_at->gt($limit) && $login['type'] == Login::TYPE_LOGIN) { return false; }

cheers,
Jay

[BrandonSurowiec]

@jcherrabi I can confirm this bug. If you fail a log in and then do a successful login right after, the successful log in doesn't get recorded.

The workaround is to disable throttling. The long-term fix is to patch the code with your snippet:

@MarceauKa Would you like a PR with the fix and a test?