1 files changed, 11 insertions, 10 deletions

diff --git a/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs b/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs
index e78d2da..ea6bab1 100644
--- a/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs
+++ b/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs
@@ -29,6 +29,8 @@ using System.Threading.Tasks;
 using System.Security.Cryptography;
 using System.Text.Json.Serialization;
 
+using FluentValidation;
+
 using VNLib.Utils.Memory;
 using VNLib.Utils.Logging;
 using VNLib.Utils.Extensions;
@@ -42,7 +44,6 @@ using VNLib.Plugins.Extensions.Loading;
 using VNLib.Plugins.Extensions.Loading.Users;
 using static VNLib.Plugins.Essentials.Statics;
 
-
 namespace VNLib.Plugins.Essentials.Accounts.Endpoints
 {
 
@@ -142,7 +143,7 @@ namespace VNLib.Plugins.Essentials.Accounts.Endpoints
                 }
                 
                 //Make sure the account has not been locked out
-                if (webm.Assert(!UserLoginLocked(user), LOCKED_ACCOUNT_MESSAGE))
+                if (webm.Assert(!UserLoginLocked(user, entity.RequestedTimeUtc), LOCKED_ACCOUNT_MESSAGE))
                 {
                     goto Cleanup;
                 }
@@ -302,7 +303,7 @@ namespace VNLib.Plugins.Essentials.Accounts.Endpoints
                 return VfReturnType.VirtualSkip;
             }
 
-            bool locked = UserLoginLocked(user);
+            bool locked = UserLoginLocked(user, entity.RequestedTimeUtc);
 
             //Make sure the account has not been locked out
             if (!webm.Assert(locked == false, LOCKED_ACCOUNT_MESSAGE))
@@ -383,27 +384,27 @@ namespace VNLib.Plugins.Essentials.Accounts.Endpoints
             webm.Success = true;
             //Write to log
             Log.Verbose("Successful login for user {uid}...", user.UserID[..8]);
-        }        
+        }
 
-        public bool UserLoginLocked(IUser user)
+        public bool UserLoginLocked(IUser user, DateTimeOffset now)
         {
             //Recover last counter value
             TimestampedCounter flc = user.FailedLoginCount();
-            
-            if(flc.Count < MaxFailedLogins)
+
+            if (flc.Count < MaxFailedLogins)
             {
                 //Period exceeded
                 return false;
             }
-            
+
             //See if the flc timeout period has expired
-            if (flc.LastModified.Add(FailedCountTimeout) < DateTimeOffset.UtcNow)
+            if (flc.LastModified.Add(FailedCountTimeout) < now)
             {
                 //clear flc flag
                 user.FailedLoginCount(0);
                 return false;
             }
-            
+
             //Count has been exceeded, and has not timed out yet
             return true;
         }