on_after_failed_login and on_before_login (Feature Request)

[Pauldic]

Thanks alot for the wonderful job done thus far. You approach is really superb. I am pretty new to FastAPI but much in love with this library.

I would love to request if these 2 events could be added to the authentication (/login).
on_after_failed_login(): in case of multiple failed attempt, I would love to keep track of this failed attempt and possibly delay/deny future attempts
on_before_login() -> bool: based on the number of previous failed login attempts I may want to decide if to allow or deny login at this moment. Am thinking this would only be called after every other conditions/parameters like the password, is_active, is_verified has been checked and ready generate the jwt/access_token, such that it would allow us raise exception/return false to deny the user login access

** Also, in situation where the admin created a new user account and forwarded the credentials to the user's email. I maybe want to force the user to change the default password. I may want to abort the login process just before the final stage and redirect the user to the change password screen before s/he can proceed

This would be cleaner for further customization

[hgalytoby]

I have the same need.

I am currently inheriting and overriding methods.

It would be great to add these two events.

How about on_before_login can be before line 57?

https://github.com/fastapi-users/fastapi-users/blob/master/fastapi_users/router/auth.py#L57

on_after_failed_login can be after 59 and 64?

https://github.com/fastapi-users/fastapi-users/blob/master/fastapi_users/router/auth.py#L59

https://github.com/fastapi-users/fastapi-users/blob/master/fastapi_users/router/auth.py#L64

Or here after line 657?

https://github.com/fastapi-users/fastapi-users/blob/master/fastapi_users/manager.py#L657