If you provide a one-argument block to TLLoginComponent>>#onLogin: it will be evaluated after a logging-in user's username and password have been validated, but before they have gained access. The argument passed to the block is the logging-in user object. In the block you can access all the user object methods, including applicationProperties. If the block evaluates to nil, the user is allowed access. To disallow access, the block should evaluate to a string to be displayed to the user explaining that they are being denied access.
Login filters can be used to disable accounts temporarily, limit the frequency of logins, perform logging, etc.
Here is an example from LoginTestApp. There is a button labeled "Disable my account for two minutes" presented to logged-in users. Clicking the button sends disableMe:
self session user applicationProperties
put: (DateAndTime current) + 2 minutes.
In LoginTestApp initialize, the login filter is established like this:
loginComponent onLogin: [ :user | self loginFilter: user ].
Here is the login filter method itself:
| until |
until := user applicationProperties at: 'disabled' ifAbsent: [ ^ nil ].
until < DateAndTime current
user applicationProperties removeKey: 'disabled'.
^ nil ]
^ 'Your account is disabled. Try again later.']