Add basic user lifecycle management #2112
Description
What problem are we solving?
Current user accounts are created and never transition through lifecycle states. There is no platform-level support for inactive, locked, disabled, or other lifecycle states, and no managed transitions such as admin-initiated lock/unlock or automatic unlock after conditions.
Who are we solving this for?
Identity administrators and operators who need an account lifecycle management model (suspend/reactivate/lock/unlock) to enforce security and compliance requirements.
Why should we solve this now?
Without lifecycle controls, abused or stale accounts remain active indefinitely, blocking common security hardening and operational workflows.
Proposed solution
Add user lifecycle support in identity management:
- states: active, inactive, locked, disabled (pending/transition)
- admin transitions and automated transitions (unlock, suspend, reactivate)
- enforcement in auth checks and flow execution
- persistence in user model/store and relevant APIs