Last post Jun 10, 2020 01:40 PM by Billson3000
Jun 10, 2020 09:58 AM|Billson3000|LINK
I have a web forms application that uses Microsoft Identity to manage users and permissions. Its set up as per below:
I am trying to implement two additional functions but cannot find a tutorial to help me do it. They are:
Can anyone point me in the right direction to implement this. I am very grateful for any advice. Thanks in advance.
Jun 10, 2020 11:31 AM|mgebhard|LINK
Add Max login attempts e.g. Account locks after 5 invalid attempts
The Identity API you are using already has this feature and the default template adds the configuration in IdentityConfig.cs. Simply create a new Web Forms project and use the Individual Account section to see the config.
Add functionality to force password reset after set amount of time. This could be a period e.g. 90 days or a push setting created by an admin account
This is code that you must design and write. I would use a LastPasswordUpdate claim to handle this logic. Add the claim when the user creates the account. Update the claim when the user updates the password. Check the claim when the user logs in and
redirect to the update password page if the password expired. You can also add a column to the user table to hold the last password change DateTime.
Jun 10, 2020 01:04 PM|Billson3000|LINK
Thanks for taking the time to reply.
Re MAX Attempts... I have checked the Identity Config. It shows:
// Configure user lockout defaults
manager.UserLockoutEnabledByDefault = true;
manager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(5);
manager.MaxFailedAccessAttemptsBeforeLockout = 5;
manager.EmailService = new EmailService();
manager.SmsService = new SmsService();
var dataProtectionProvider = options.DataProtectionProvider;
if (dataProtectionProvider != null)
manager.UserTokenProvider = new DataProtectorTokenProvider<ApplicationUser>(dataProtectionProvider.Create("ASP.NET Identity"));
Which is what I thought was happening. Its only when I test this that I have found it isn't triggering a lockout. Any ideas?
Jun 10, 2020 01:29 PM|mgebhard|LINK
Did you enable lockout for the user?
Jun 10, 2020 01:40 PM|Billson3000|LINK
No I don't know how to do that. Hence the question on the forum !!! :)