我有一个passwordChange表单来更改用户密码,当他第一次登录时更改它。修改密码后,我重定向到登录页面。问题是,虽然我在changePasswordForm,如果我打开一个新的选项卡,或关闭并再次打开浏览器的用户得到登录,我跳过密码更改如果是第一次。
[HttpPost]
[ValidateAntiForgeryToken]
public async Task<IActionResult> ResetPassword(ResetPasswordInputModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
var result = await _accountService.ResetPasswordAsync(model);
if (!result.Succeeded)
{
foreach (var error in result.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
return View();
}
TempData["IsPasswordChanged"] = true;
return RedirectToAction("Login", routeValues: new { ReturnUrl = model.ReturnUrl });
}
public async Task<IdentityResult> ResetPasswordAsync(ResetPasswordInputModel model)
{
var user = await _userManager.FindByNameAsync(model.Username);
var error = new IdentityError();
if (user == null)
{
error.Description = "User doesnt exist";
return IdentityResult.Failed(error);
}
var cantUpdatePassword = await _userManager.CheckPasswordAsync(user, model.NewPassword);
if (cantUpdatePassword)
{
error.Description = "Current password incorrect";
return IdentityResult.Failed(error);
}
var result = await _userManager.ChangePasswordAsync(user, model.CurrentPassword, model.NewPassword);
if (result.Succeeded)
{
user.IsPasswordChanged = true;
await _userManager.UpdateAsync(user);
// THIS IS NOT WORKING
await _signInManager.SignOutAsync();
await _events.RaiseAsync(new UserLogoutSuccessEvent(user.Id.ToString(), user.UserName));
}
return result;
}
您可以在注销后使用Session.Abandon(),然后您可能应该重定向到login,