After ChangePasswordAsync
, the user is signed out automatically and needs to sign in again. How can I keep the user signed in?
private UserManager<ApplicationUser> _userManager
{
get
{
var userStore = new UserStore<ApplicationUser>(Db);
return new UserManager<ApplicationUser>(userStore);
}
}
public bool ChangePassword(string oldPassword,string password)
{
var userId = HttpContext.Current.User.Identity.GetUserId();
var user = _userManager.ChangePasswordAsync(userId, oldPassword, password);
if(!user.Result.Succeeded) return false;
return true;
}
Instead of calling _userManager.ChangePasswordAsync
, modify directly PasswordHash
:
var userName = HttpContext.Current.User.Identity.Name;
var user = _userManager.Find(userName, oldPassword);
user.PasswordHash = UserManager.PasswordHasher.HashPassword(password);
IdentityResult result = await UserManager.UpdateAsync(user);