Introduction
In order to lockout a user account in ASP.NET Identity, we use two properties: the LockoutEnabled property and the LockoutEndDateUtc property.
Usage
The following are the default properties of a user in ASP.NET Identity :
The LockoutEnabled property indicates that the lockout is enabled for a user. Be careful, by setting this property to true
it does not mean that the user is locked out, it only means that the lockout is enabled for this user. The LockoutEndDateUtc property
indicates when the lockout ends and be careful, any time in the past is considered not locked out.
By using these two properties together, you can lockout a user for a specific amount of time.
// Locking out a user for 10 minutes
user.LockoutEnabled = true;
user.LockoutEndDateUtc = DateTime.Now.AddMinutes(10);
In preceding code, we enable the lockout for the user by setting the LockoutEnabled property to true
.
After that, we add 10 minutes to the current datetime by using the AddMinutes method and we set the resulted value to the
LockoutEndDateUtc property. This will result in locking the user for 10 minutes.
Note : In order to lockout a user forever or at least until unlocking it again, set LockoutEndDateUtc
to : DateTime.MaxValue
.