Seems that Magento hasn't this functionality, maybe it's not so useful but I need to.
For locking a customer I mean preventing them of using their account. He can't be able of login, it has to be like this account doesn't exist.
Even from admin panel, if the customer is locked, orders can not be placed for it.
I was searching but I found anything, seems I the only one who needs this? 🙁
I see that in the DDBB customer_entity
there is a field named is_active
but seems it does anything.
Then I found the functionality of blocking the account for introducing multiple times incorrect password. I thought about using this, like when I want to block some customer, I fake that. But it's not the best proper way to do that… Also the msg error will be something like "You introduced so many times…" and this is not good.
EDIT
I decided to create an extensionAttribute field on customer_entity
.
Then a plugin: Magento\Customer\Api\AccountManagementInterface
with the method: afterAuthenticate
preventing the login if the field is set to block the customer.
So this is working fine, now the problem is with the customers that are already logged in. If you set the field to block it, the session doesn't finish.
How can I solve this? I was thinking about: if you login and then deletes the customer, when you refresh the page, it finishes the session. How it detects that? I want to intercept this method and check my field too. With this, the problem will be solved.
Best Answer
Instead of making a module or having to recode anything, I did it through phpmyadmin. When you go in your files, go to customer_entity
Go to the customer that you want to LOCK out of their account. Click edit and go to the part that says
and I typed 10 because max failed attempts is only 3. Go down to
and use the calendar to choose the year you want the lock to expire. You have to be within a reasonable time for it to accept the date, like 10 years from now. SAVE
Then go to customer_grid_flat go down to
and put the same date as you did the other file. SAVE
DONE
Now the customer can't log in until you unlock it. Which if you choose to, you can do in the admin panel under their customer info.