07-23-2023, 08:34 AM
My app allows an admin to suspend/unsuspend user accounts. I do this with the following code:
MembershipUser user = Membership.GetUser(Guid.Parse(userId));
user.IsApproved = false;
Membership.UpdateUser(user);
The above works fine to suspend the user, but it does not revoke their session. Consequently, the suspended user can remain with access to the application as long as their session cookie remains. Any fix/
MembershipUser user = Membership.GetUser(Guid.Parse(userId));
user.IsApproved = false;
Membership.UpdateUser(user);
The above works fine to suspend the user, but it does not revoke their session. Consequently, the suspended user can remain with access to the application as long as their session cookie remains. Any fix/