【发布时间】:2021-12-03 03:40:29
【问题描述】:
我有一个passwordChange表单来更改用户密码,当他第一次登录时更改它。更改密码后,我将重定向到登录页面。问题是,如果我在 changePasswordForm 中打开一个新选项卡,或者关闭并再次打开用户登录的浏览器,我会跳过密码更改(如果是第一次)。
[HttpPost]
[ValidateAntiForgeryToken]
public async Task<IActionResult> ResetPassword(ResetPasswordInputModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
var result = await _accountService.ResetPasswordAsync(model);
if (!result.Succeeded)
{
foreach (var error in result.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
return View();
}
TempData["IsPasswordChanged"] = true;
return RedirectToAction("Login", routeValues: new { ReturnUrl = model.ReturnUrl });
}
public async Task<IdentityResult> ResetPasswordAsync(ResetPasswordInputModel model)
{
var user = await _userManager.FindByNameAsync(model.Username);
var error = new IdentityError();
if (user == null)
{
error.Description = "User doesnt exist";
return IdentityResult.Failed(error);
}
var cantUpdatePassword = await _userManager.CheckPasswordAsync(user, model.NewPassword);
if (cantUpdatePassword)
{
error.Description = "Current password incorrect";
return IdentityResult.Failed(error);
}
var result = await _userManager.ChangePasswordAsync(user, model.CurrentPassword, model.NewPassword);
if (result.Succeeded)
{
user.IsPasswordChanged = true;
await _userManager.UpdateAsync(user);
// THIS IS NOT WORKING
await _signInManager.SignOutAsync();
await _events.RaiseAsync(new UserLogoutSuccessEvent(user.Id.ToString(), user.UserName));
}
return result;
}
【问题讨论】:
-
您应该遵循一些常见做法stackoverflow.com/a/23633068/6527049
-
你能分享调用
_signInManager.SignOutAsync()的请求的响应头吗? -
我解决了关闭标签和窗口的问题,不,我只有在他更改密码后返回登录表单后的问题。
标签: c# asp.net-mvc identityserver4 logout