In this article I will explain how to determine whether the login failed is due to locked out or not approved account.
ASP.Net Membership is a great library to build login and roles mechanism for ASP.Net Websites, but its ValidateUser method returns false in all the three cases
1. Invalid username or password.
2. Account is not approved or activated i.e. IsApproved is false
3. Account is suspended or disabled or locked i.e. IsLockedOut is false.
Thus it becomes difficult to find the exact issue and in many cases we need to display different messages based on different status. Hence I came up with the following solution
C#
bool isValid = Membership.ValidateUser(txtUserName.Text, txtPassword.Text);
if (!isValid)
{
MembershipUser user = Membership.GetUser(txtUserName.Text);
if (user != null)
{
//User exists
if (!user.IsApproved)
{
//Account Unapproved
lblMessage.Text = "Your account is not approved.";
}
else if (user.IsLockedOut)
{
//Account Locked
lblMessage.Text = "Your account is locked.";
}
else
{
//Invalid username or password
lblMessage.Text = "Invalid username or password.";
}
}
else
{
//Invalid username or password
lblMessage.Text = "Invalid username or password.";
}
}
VB.Net
Dim isValid As Boolean = Membership.ValidateUser(txtUserName.Text, txtPassword.Text)
If Not isValid Then
Dim user As MembershipUser = Membership.GetUser(txtUserName.Text)
If user IsNot Nothing Then
'User exists
If Not user.IsApproved Then
'Account Unapproved
lblMessage.Text = "Your account is not approved."
ElseIf user.IsLockedOut Then
'Account Locked
lblMessage.Text = "Your account is locked."
Else
'Invalid username or password
lblMessage.Text = "Invalid username or password."
End If
Else
'Invalid username or password
lblMessage.Text = "Invalid username or password."
End If
End If
Thus in the above way you can easily identify the exact reason for login failure in ASP.Net Membership library.