MAGETWO-56126: Login failed after new custom attribute was added

- handling unlock with a specialized model that can save only auth data for the customer

Author: cpartica

app/code/Magento/Customer/Model/Authentication.php

@@ -5,7 +5,8 @@
  */
 namespace Magento\Customer\Model;
 
-use Magento\Customer\Model\ResourceModel\CustomerAuthenticationRepository;
+use Magento\Customer\Model\ResourceModel\CustomerRepository;
+use Magento\Customer\Model\CustomerAuthUpdate;
 use Magento\Backend\App\ConfigInterface;
 use Magento\Framework\Encryption\EncryptorInterface as Encryptor;
 use Magento\Framework\Exception\InvalidEmailOrPasswordException;
@@ -46,19 +47,24 @@ class Authentication implements AuthenticationInterface
     protected $encryptor;
 
     /**
-     * @var CustomerAuthenticationRepository
+     * @var CustomerRepository
      */
     protected $customerRepository;
 
     /**
-     * @param CustomerAuthenticationRepository $customerRepository
+     * @var CustomerAuthUpdate
+     */
+    private $customerAuthUpdate;
+
+    /**
+     * @param CustomerRepository $customerRepository
      * @param CustomerRegistry $customerRegistry
      * @param ConfigInterface $backendConfig
      * @param \Magento\Framework\Stdlib\DateTime $dateTime
      * @param Encryptor $encryptor
      */
     public function __construct(
-        CustomerAuthenticationRepository $customerRepository,
+        CustomerRepository $customerRepository,
         CustomerRegistry $customerRegistry,
         ConfigInterface $backendConfig,
         \Magento\Framework\Stdlib\DateTime $dateTime,
@@ -105,7 +111,7 @@ public function processAuthenticationFailure($customerId)
         }
 
         $customerSecure->setFailuresNum($failuresNum);
-        $this->customerRepository->save($this->customerRepository->getById($customerId));
+        $this->getCustomerAuthUpdate()->saveAuth($customerId);
     }
 
     /**
@@ -117,7 +123,7 @@ public function unlock($customerId)
         $customerSecure->setFailuresNum(0);
         $customerSecure->setFirstFailure(null);
         $customerSecure->setLockExpires(null);
-        $this->customerRepository->save($this->customerRepository->getById($customerId));
+        $this->getCustomerAuthUpdate()->saveAuth($customerId);
     }
 
     /**
@@ -165,4 +171,19 @@ public function authenticate($customerId, $password)
         }
         return true;
     }
+    
+    /**
+     * Get customer authentication update model
+     *
+     * @return \Magento\Customer\Model\CustomerAuthUpdate
+     * @deprecated
+     */
+    private function getCustomerAuthUpdate()
+    {
+        if ($this->customerAuthUpdate === null) {
+            $this->customerAuthUpdate =
+                \Magento\Framework\App\ObjectManager::getInstance()->get(CustomerAuthUpdate::class);
+        }
+        return $this->customerAuthUpdate;
+    }
 }

app/code/Magento/Customer/Model/CustomerAuthUpdate.php

@@ -0,0 +1,58 @@
+<?php
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Customer\Model;
+
+/**
+ * Customer Authentication update model.
+ */
+class CustomerAuthUpdate
+{
+    /**
+     * @var \Magento\Customer\Model\CustomerRegistry
+     */
+    protected $customerRegistry;
+
+    /**
+     * @var \Magento\Customer\Model\ResourceModel\Customer
+     */
+    protected $customerResourceModel;
+
+    /**
+     * @param \Magento\Customer\Model\CustomerRegistry $customerRegistry
+     * @param \Magento\Customer\Model\ResourceModel\Customer $customerResourceModel
+      */
+    public function __construct(
+        \Magento\Customer\Model\CustomerRegistry $customerRegistry,
+        \Magento\Customer\Model\ResourceModel\Customer $customerResourceModel
+    ) {
+        $this->customerRegistry = $customerRegistry;
+        $this->customerResourceModel = $customerResourceModel;
+    }
+
+    /**
+     * Reset Authentication data for customer.
+     *
+     * @param int $customerId
+     * @return $this
+     */
+    public function saveAuth($customerId)
+    {
+        $customerSecure = $this->customerRegistry->retrieveSecureData($customerId);
+
+        $this->customerResourceModel->getConnection()->update(
+            $this->customerResourceModel->getTable('customer_entity'),
+            array(
+                'failures_num' => $customerSecure->getData('failures_num'),
+                'first_failure' => $customerSecure->getData('first_failure'),
+                'lock_expires' => $customerSecure->getData('lock_expires'),
+            ),
+            $this->customerResourceModel->getConnection()->quoteInto('entity_id = ?', $customerId)
+        );
+
+        return $this;
+    }
+}