I am using the standard Asp.net Identity framework, Ver 2.0. Is there any way to have a DEFAULT lockout set when the user registers for the first time? Our application requires that on registration, a user needs to be locked out after 48 hours. This needs to be automatic to avoid unnecessary admin headaches?
I am aware of the following settings, but these just enable not activate the features:
manager.UserLockoutEnabledByDefault = true; // Enables ability to lockout
manager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(5);
manager.MaxFailedAccessAttemptsBeforeLockout = 5;
Thanks very much.
I don't think the lockout mechanism is meant to use like that. But I would like to suggest another solution anyway.
I think the easiest way is to extend ApplicationUser with a CreatedDateTime field that is set when the user is created (registers).
public class ApplicationUser : IdentityUser
{
public DateTime CreatedDateTime { get; set; }
}
When a user logs in just check appUser.CreatedDateTime.AddDays(2) < DateTime.Now
As a bonus you can track when the user registered.