Merge 2.1 -> 2.2 (#2009)

* Fix login.cshtml

src/UI/Areas/Identity/Pages/V3/Account/Login.cshtml.cs

@@ -128,7 +128,7 @@ namespace Microsoft.AspNetCore.Identity.UI.V3.Pages.Account.Internal
             {
                 // This doesn't count login failures towards account lockout
                 // To enable password failures to trigger account lockout, set lockoutOnFailure: true
-                var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: true);
+                var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: false);
                 if (result.Succeeded)
                 {
                     _logger.LogInformation("User logged in.");

src/UI/Areas/Identity/Pages/V4/Account/Login.cshtml.cs

@@ -127,7 +127,7 @@ namespace Microsoft.AspNetCore.Identity.UI.V4.Pages.Account.Internal
             {
                 // This doesn't count login failures towards account lockout
                 // To enable password failures to trigger account lockout, set lockoutOnFailure: true
-                var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: true);
+                var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: false);
                 if (result.Succeeded)
                 {
                     _logger.LogInformation("User logged in.");

test/Identity.FunctionalTests/LoginTests.cs

@@ -362,7 +362,7 @@ namespace Microsoft.AspNetCore.Identity.FunctionalTests
         }
 
         [Fact]
-        public async Task UserLockedOut_AfterMaxFailedAccessAttempts_WithGlobalAuthorizeFilter()
+        public async Task UserNotLockedOut_AfterMaxFailedAccessAttempts_WithGlobalAuthorizeFilter()
         {
             // Arrange
             var emailSender = new ContosoEmailSender();
@@ -383,7 +383,7 @@ namespace Microsoft.AspNetCore.Identity.FunctionalTests
             await UserStories.ConfirmEmailAsync(registrationEmail, client);
 
             // Act & Assert
-            await UserStories.LockoutExistingUserAsync(newClient, userName, wrongPassword);
+            await UserStories.LoginFailsWithWrongPasswordAsync(newClient, userName, wrongPassword);
         }
     }
 }

test/Identity.FunctionalTests/Pages/Account/Login.cs

@@ -64,6 +64,15 @@ namespace Microsoft.AspNetCore.Identity.FunctionalTests.Account
                 Context.WithAuthenticatedUser().WithPasswordLogin());
         }
 
+        public async Task LoginWrongPasswordAsync(string userName, string password)
+        {
+            var failedLogin = await SendLoginForm(userName, password);
+
+            ResponseAssert.IsOK(failedLogin);
+            var content = await failedLogin.Content.ReadAsStringAsync();
+            Assert.Contains("Invalid login attempt.", content);
+        }
+
         public async Task<DefaultUIPage> LockoutUserAsync(string userName, string password)
         {
             var loginAttempt = await SendLoginForm(userName, password);

test/Identity.FunctionalTests/UserStories.cs

@@ -36,6 +36,15 @@ namespace Microsoft.AspNetCore.Identity.FunctionalTests
             return await login.LoginValidUserAsync(userName, password);
         }
 
+        internal static async Task LoginFailsWithWrongPasswordAsync(HttpClient client, string userName, string password)
+        {
+            var index = await Index.CreateAsync(client);
+
+            var login = await index.ClickLoginLinkAsync();
+
+            await login.LoginWrongPasswordAsync(userName, password);
+        }
+
         internal static async Task<DefaultUIPage> LockoutExistingUserAsync(HttpClient client, string userName, string password)
         {
             var index = await Index.CreateAsync(client);