Update claim values in ASP.NET One Core

Question

Update claim values in ASP.NET One Core

I have a web application in MVC 6 (Asp.Net One Core) and I use claims-based authentication. In the Login method, I install Claims:

var claims = new Claim[] { new Claim("Name", content.Name), new Claim("Email", content.Email), new Claim("RoleId", content.RoleId.ToString()), }; var ci = new ClaimsIdentity(claims, "password"); await HttpContext.Authentication.SignInAsync("Cookies", new ClaimsPrincipal(ci));

Now, if the user, for example, has changed the email address in the user profile, how can I change the email value for the "Email" request? Do I need to activate SignOutAsync and SignInAsync again to update the cookie? Is the best solution to keep this in a classic session? Is there a better solution? Am I absolutely wrong?

Any suggestions?

+9

c # asp.net asp.net-mvc claims-based-identity asp.net-identity-3

Martín Aug 18 '16 at 20:17

source share

2 answers

Another option, instead of SignOutAsync and SignInAsync , is to use RefreshSignInAsync .

Example:

 var user = await _userManager.FindByIdAsync(yourId); await _signInManager.RefreshSignInAsync(user);

RefreshSignInAsync out the SignInManager code in SignInManager : https://github.com/aspnet/AspNetCore/blob/79beaea734016e86e83d0a249ab8b4c8bdf2046d/src/Identity/Core/src/SignInManager.cs

+23

ozziwald Nov 26 '16 at 5:37

source share

Win · Accepted Answer · 2016-08-18T20:47:47+0000

Do I need to register SignOutAsync and SignInAsync again to update cookies?

The answer is yes.

The easiest way is to manually log out and log in (create applications again) within the same method of action in which you update your email.

Is the best solution to keep this in a classic session?

I suggest not doing this. Using session state is clearly bad practice in ASP.Net MVC.

Update claim values ​​in ASP.NET One Core

More articles:

Update claim values in ASP.NET One Core