I know I can put the LockedDate
in the User
table. But I want a difference between an user that is Locked (because of invalid login-attempts) and a user I have marked as “disabled” or “not-active”. Do I need to manage this myself (chaging the schema of the table)? Or is there a way to do this?
The InvalidLoginAttempts
will hold how many failed attempts they had, or you can use something like DateTime.MinValue
to indicate as such.
Otherwise you can override the existing behavior by overriding IsAccountLocked()
in a Custom AuthProvider:
Ok; LockedDate will be the goto solution, and I will use a valid DateTime.MinValue for SQLServer to implement my own logic to indicate a user has been inactivated from the system.
Thanks for your insight.
1 Like