fix: Fix bugs with account locking (#2580)

* fix(security): reset login attempts after successful login

Enforce a maximum number of consecutive failed logins. Successfully logging in should reset the
count.

#2569

* fix(security): fix when user is unlocked

The user should be unlocked when locked_at is set, but the lock has expired.

#2569

mealie/services/user_services/user_service.py

@@ -23,7 +23,7 @@ class UserService(BaseService):
         unlocked = 0
 
         for user in locked_users:
-            if force or user.is_locked and user.locked_at is not None:
+            if force or not user.is_locked and user.locked_at is not None:
                 self.unlock_user(user)
                 unlocked += 1