ASP.net Identity 2.0 Sign-out another user
Question
I'm using asp.net MVC and ASP.net Identity 2.0.
On my website Admin has option to ban user, and I would like when user is banned that he is automatically signed-out from website.
I know that I can sign-out current user by calling
AuthenticationManager.SignOut();
But is it possible to sign-out another user ? Or maybe shorter his session ? Or anything ?
I know I could make global filter on controllers prohibiting banned users from access but that filter would be ran against each user so I'm not quiet satisfied with that solution.
2 answers
solution1
17 2014-09-16 21:15:54
If you use the securitystampvalidator feature, when a user is banned just call: UpdateSecurityStamp(userId) to cause any existing login cookies to be invalid the next time they are checked.
solution2
15 ACCPTED 2014-09-17 09:52:34
You'll need to configure cookie invalidation in Auth.Config.cs:
public void ConfigureAuth(IAppBuilder app)
{
// important to register UserManager creation delegate. Won't work without it
app.CreatePerOwinContext(UserManager.Create);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = SecurityStampValidator
.OnValidateIdentity<UserManager, ApplicationUser, int>(
validateInterval: TimeSpan.FromMinutes(10),
regenerateIdentityCallback: (manager, user) => user.GenerateUserIdentityAsync(manager))
},
// other configurations
});
// other stuff
}
and then update security stamp as Hao Kung says when users are banned.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.