Feature Request: Locking user out

[iJustErikk]

A common use case is locking a user out temporarily if they attempt to login with the incorrect password enough times.

I think this would a nice feature to have. I can implement it when I get some time.

Does this sound like a good idea?

[czocher]

Hi, both role handling and any additional requirements concerning authorization (like account locking) will be discussed and handled after #101 is merged.
Rest assured that if we decide not to support roles and locking users out directly in this crate, we shall either provide an example how to handle situations like those, or provide a separate crate built on top of axum_login to add those functions.

[maxcountryman]

We've just released v0.7.0. In that release, we've included scope for authorization (i.e. user and group based permissions). However, we have not directly addressed this use case.

As it stands, an approach application authors can take is to track this via the session directly by using Session. We can document this approach as an example (as an aside I would like to address #105 as we add more examples).