Fixed the not expiry of token in generateCustomerToken graphql

sagar2009kumar · web-flow · commit c1290c586653 · 2021-09-06T15:39:27.000+05:30
When we have more login failure in the api for creation of token than the configured times. It does not allow us to generate new token because there is no any check of 'lock_expires_at'.
diff --git a/app/code/Magento/Integration/Model/ResourceModel/Oauth/Token/RequestLog.php b/app/code/Magento/Integration/Model/ResourceModel/Oauth/Token/RequestLog.php
@@ -58,11 +58,14 @@ protected function _construct()
      */
     public function getFailuresCount($userName, $userType)
     {
+        $date = (new \DateTime())->setTimestamp($this->dateTime->gmtTimestamp());
+        $dateTime = $date->format(\Magento\Framework\Stdlib\DateTime::DATETIME_PHP_FORMAT);
+        
         $select = $this->getConnection()->select();
         $select->from($this->getMainTable(), 'failures_count')
-            ->where('user_name = :user_name AND user_type = :user_type');
+            ->where('user_name = :user_name AND user_type = :user_type AND lock_expires_at > :expiration_time');
 
-        return (int)$this->getConnection()->fetchOne($select, ['user_name' => $userName, 'user_type' => $userType]);
+        return (int)$this->getConnection()->fetchOne($select, ['user_name' => $userName, 'user_type' => $userType, 'expiration_time' => $dateTime]);
     }
 
     /**
