From 000e9c006fccbbb2f8e65a80c18097506d9021ef Mon Sep 17 00:00:00 2001
From: "nik.n" <nik.n@nds-tyo.co.jp>
Date: Wed, 3 Apr 2024 10:57:54 +0900
Subject: [PATCH] =?UTF-8?q?=E4=BB=95=E6=A7=98=E3=81=AB=E5=90=88=E3=82=8F?=
 =?UTF-8?q?=E3=81=9B=E3=81=A6=E3=83=AD=E3=82=B8=E3=83=83=E3=82=AF=E4=BF=AE?=
 =?UTF-8?q?=E6=AD=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ecs/jskult-webapp/src/controller/login.py     | 10 +++++++---
 ecs/jskult-webapp/src/model/db/user_master.py |  3 +++
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/ecs/jskult-webapp/src/controller/login.py b/ecs/jskult-webapp/src/controller/login.py
index 6eee5b31..f2c44559 100644
--- a/ecs/jskult-webapp/src/controller/login.py
+++ b/ecs/jskult-webapp/src/controller/login.py
@@ -70,8 +70,8 @@ def login(
     pre_login_user_record = login_service.logged_in_user(request.username)
     # ログイン失敗回数が10回以上あれば、ログアウト画面にリダイレクトする
     if pre_login_user_record is not None and pre_login_user_record.is_login_failed_limit_exceeded():
-        logger.info(f'ログイン失敗回数が10回以上: {request.username}')
-        login_service.on_login_fail_limit_exceeded(request.username)
+        logger.info(f'ログイン失敗回数が10回以上: {pre_login_user_record.user_id}')
+        login_service.incorrect_login_password_attempt(pre_login_user_record.user_id)
         raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=constants.LOGOUT_REASON_LOGIN_FAILED_LIMIT_EXCEEDED)
 
     try:
@@ -79,7 +79,11 @@ def login(
     except NotAuthorizeException as e:
         logger.info(f'ログイン失敗：{e}')
         login_service.incorrect_login_password_attempt(request.username)
-        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=constants.LOGOUT_REASON_LOGIN_ERROR)
+        if pre_login_user_record is not None and pre_login_user_record.is_on_login_failed_limit():
+            login_service.on_login_fail_limit_exceeded(pre_login_user_record.user_id)
+            raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=constants.LOGOUT_REASON_LOGIN_FAILED_LIMIT_EXCEEDED)
+        else:
+            raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=constants.LOGOUT_REASON_LOGIN_ERROR)
     except JWTTokenVerifyException as e:
         logger.info(f'ログイン失敗：{e}')
         raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED)
diff --git a/ecs/jskult-webapp/src/model/db/user_master.py b/ecs/jskult-webapp/src/model/db/user_master.py
index b8dee115..711fe366 100644
--- a/ecs/jskult-webapp/src/model/db/user_master.py
+++ b/ecs/jskult-webapp/src/model/db/user_master.py
@@ -39,3 +39,6 @@ class UserMasterModel(BaseDBModel):
     
     def is_login_failed_limit_exceeded(self):
         return self.mntuser_login_failed_cnt >= constants.LOGIN_FAIL_LIMIT
+
+    def is_on_login_failed_limit(self):
+        return self.mntuser_login_failed_cnt == constants.LOGIN_FAIL_LIMIT - 1
\ No newline at end of file