UserManager AccessFailed Decrements instead of increments

May 13, 2014 at 6:05 PM
Hi,

I'm new to Identity, so please bear with me. In trying to implement Lockout logic, I'm having issues with lockout increment count resetting itself back to zero. First time pass, UserManager.AccessFailed(user.Id) increments to one, the second time it resets to zero. My understanding is that it should increment each time, but this is not the case. Please advice.
UserManager.AccessFailed(user.Id);

if (UserManager.GetAccessFailedCount(user.Id) >=
UserManager.MaxFailedAccessAttemptsBeforeLockout)
{
    UserManager.SetLockoutEnabled(user.Id, true);
}
Developer
May 13, 2014 at 9:10 PM
Internally it checks the MaxFailedAccessAttemptsBeforeLockout value and resets the count once it reaches that value. This is done to lockout the user. The SetLockoutEnabled method enables the user to be locked out and does not lockout the user. This is done for admin scenarios where the admin user should never be locked out
May 14, 2014 at 12:54 PM
Are you saying that lockout occurs automatically? I'm not seeing the lockoutEnabled field set. Is there code sample out there or an documentation/article? There seems to be very little information on how this is meant to work.
Developer
May 14, 2014 at 8:28 PM
Install the Microsoft.AspNet.Identity.Samples package on an empty project. This is a web application with the best practices to hooking Identity features. It has the sample code to enable and use user lockout feature
May 15, 2014 at 1:26 PM
Edited May 15, 2014 at 1:33 PM
Thank you!