Reset authentication rate limit counters on successful password reset

This provides a secure mechanism for users that have made too many
failed password authentication attempts to regain access to their
account without having to wait for the rate limiting window to elapse.

Author: smfeest

src/Buttercup.Security.Tests/PasswordAuthenticationServiceTests.cs

@@ -733,6 +733,9 @@ await this.SecurityEventExists(
         this.authenticationMailerMock.Verify(
             x => x.SendPasswordChangeNotification(userBefore.Email));
 
+        // Resets the rate limit counters
+        this.passwordAuthenticationRateLimiterMock.Verify(x => x.Reset(userBefore.Email));
+
         // Returns updated user
         Assert.Equal(expectedUserAfter, result);
     }

src/Buttercup.Security/PasswordAuthenticationService.cs

@@ -195,6 +195,8 @@ await this.InsertSecurityEvent(
 
         await this.authenticationMailer.SendPasswordChangeNotification(user.Email);
 
+        await this.passwordAuthenticationRateLimiter.Reset(user.Email);
+
         return user;
     }