How to lock / unlock a user in MVC SimpleMembership

Question

How to lock / unlock a user in MVC SimpleMembership

In SimpleMembership, there is not a single column in the database to lock / unlock the user. I basically need my administrator to enable or disable any user in my application. Are there any alternatives to this?

+6

c # asp.net asp.net-mvc asp.net-mvc-4

Prabesh manandhar Nov 06 '12 at 6:38

source share

5 answers

I have not tried simplemembership yet, but this sound is great for some small projects I'm working on. Here are a few options:

Option 1 : add a custom field to the table as shown here - http://www.dwdmbi.com/2012/10/adding-custom-fields-to-vs2012-mvc4.html

Option 2 Create a new table with a foreign key for the user. Make an additional check of this value.

In any case, you will go on the check. You can configure the Authorize attribute to enable your check (instructions here - Override the authorization attribute in ASP.NET MVC ).

0

Ben jones Nov 06 '12 at 7:01

source share

This may not be an “approved” way of doing something, but I do.

The webpages_Membership table has an IsConfirmed field. Typically, this happens when you want to perform a two-step registration process: registration is activated via a link in an email. However, by its nature, this field has the same effect as IsApproved in the previous aspnet_Membership table: if set to true, the user can log in; if false, they cannot. So I just use plain old SQL to set true or false:

 // If using EntityFramework // 1. Setup my params var params = new List<SqlParameter>() { new SqlParameter("@UserID", 1), new SqlParameter("@Activate", true) // or false }; SqlParameter[] paramArray = params.ToArray(); // 2. Update the database myDbContext.Database.ExecuteSqlCommand("UPDATE webpages_Membership SET IsConfirmed = @Activate WHERE UserId = @UserID", paramArray);

0

Matt Sep 16 '14 at 12:53

source share

try this approach. It uses IsApproved, not IsLockedOut. If your implementation does not already use IsAproved, this would be a good solution.

 MembershipUser user = Membership.GetUser(username); user.IsApproved = false; Membership.UpdateUser(user);

This does not exactly block the user. Technically, this call receives an approved status from the user and does not allow them to log in.

0

ar.gorgin Jan 19 '15 at 5:47

source share

I don’t know what technology you are using, but either you need to specify a column in the table with a lock lock, as you indicated or generously add one table to the database (say tlbDisable), where you can delete the records in the original table and insert this in the new table (tlbDisable).

When you want to enable this user again, then simply delete the entry from tlbDisable and paste it into the original user table.

-1

Freelancer Nov 06 '12 at 6:44

source share

Iain m norman · Accepted Answer · 2013-08-06T11:39:49+0000

It’s easier for me to use Roles for this. Have an ActiveUser role and tag your controllers or actions with the Authorize attribute.

[Authorize(Roles = "ActiveUser")]

Then, some simple administrator to add or remove users from the role to unlock and block their access to everything protected by this attribute of roles.

 Roles.AddUserToRole(user.Username, "ActiveUser"); Roles.RemoveUserFromRole(user.Username, "ActiveUser");

How to lock / unlock a user in MVC SimpleMembership

More articles: