执行ChangePasswordAsync操作后,用户自动注销,需要重新登录。如何保持用户登录?
private UserManager<ApplicationUser> _userManager
{
get
{
var userStore = new UserStore<ApplicationUser>(Db);
return new UserManager<ApplicationUser>(userStore);
}
}
public bool ChangePassword(string oldPassword,string password)
{
var userId = HttpContext.Current.User.Identity.GetUserId();
var user = _userManager.ChangePasswordAsync(userId, oldPassword, password);
if(!user.Result.Succeeded) return false;
return true;
}
不调用_userManager.ChangePasswordAsync,直接修改PasswordHash:
var userName = HttpContext.Current.User.Identity.Name;
var user = _userManager.Find(userName, oldPassword);
user.PasswordHash = UserManager.PasswordHasher.HashPassword(password);
IdentityResult result = await UserManager.UpdateAsync(user);