Skip to main content
All docs
V24.2
.NET 8.0+
  • The page you are viewing does not exist in the .NET Framework 4.6.2+ platform documentation. This link will take you to the parent topic of the current section.

UserManager.ResetLockout(Object) Method

Resets the account lockout for the specified user.

Namespace: DevExpress.ExpressApp.Security

Assembly: DevExpress.ExpressApp.Security.v24.2.dll

NuGet Package: DevExpress.ExpressApp.Security

Declaration

public void ResetLockout(
    object user
)

Parameters

Name Type Description
user Object

An application user object.

Remarks

See the ISecurityUserLockout topic for information on the user lockout (“Brute Force” attack protection) feature in XAF.

Example

This example demonstrates how to use UserManager API to allow administrators to view the lockout status of application users and how to implement a controller action that administrators can use to reset the lockout for a specific user account.

To display the user lockout status in the List View and Detail View for the ApplicationUser persistent class, add a non-persistent IsLockedOut property to this class. In the property getter, use the UserManager.IsLockedOut method to obtain the lockout status for the current user object:

using Microsoft.Extensions.DependencyInjection;
using DevExpress.ExpressApp.Security;
// ...
public class ApplicationUser : PermissionPolicyUser, ISecurityUserWithLoginInfo, ISecurityUserLockout {
    // ...
    [NotMapped]
    public virtual bool IsLockedOut {
        get {
            var userManager = ObjectSpace.ServiceProvider.GetRequiredService<UserManager>();
            return userManager.IsLockedOut(this);
        }    
    }
}

Next, add a new View Controller and implement a controller action that calls the UserManager.ResetLockout method to reset the lockout for the currently viewed user account:

using DevExpress.ExpressApp;
using DevExpress.ExpressApp.Actions;
using DevExpress.ExpressApp.Security;
using DevExpress.Persistent.Base;
using Microsoft.Extensions.DependencyInjection;
using MySolution.Module.BusinessObjects;
// ...
public class ResetUserLockoutController : ViewController {
    IServiceProvider serviceProvider;
    SimpleAction resetUserLockoutAction;

    public ResetUserLockoutController() { }

    [ActivatorUtilitiesConstructor]
    public ResetUserLockoutController(IServiceProvider serviceProvider) : this() {
        this.serviceProvider = serviceProvider;
        TargetViewType = ViewType.DetailView;
        TargetObjectType = typeof(ApplicationUser);

        resetUserLockoutAction = new SimpleAction(this, "ResetLockout", PredefinedCategory.View) {
            Caption = "Reset Lockout",
        };

        resetUserLockoutAction.Execute += ResetUserLockoutAction_Execute;
    }

    private void ResetUserLockoutAction_Execute(object sender, SimpleActionExecuteEventArgs e) {
        var userManager = serviceProvider.GetRequiredService<UserManager>();
        userManager.ResetLockout(View.CurrentObject);
        View.Refresh();
    }

    protected override void OnActivated() {
        base.OnActivated();
        // Hide the action from non-admin users.
        ISecurityStrategyBase securityStrategy = serviceProvider.GetRequiredService<ISecurityProvider>().GetSecurity();
        ApplicationUser currentUser = (ApplicationUser)securityStrategy.User;
        resetUserLockoutAction.Active["AdminOnlyAction"] = currentUser.Roles.Any(r => r.IsAdministrative);
    }
}

The image below demonstrates the result:

Result

See Also