问题
I use the IUserSecurityStampStore to implement sign-out-everywhere functionality. It seems to work fine, however I have the problem that every time the user changes her password, she is logged off afterwards.
One possibility to work around this issue, is to call SignIn in the Manage-Action of the AccountController after a password change.
This seems to work, but I think it’s a bit clumsy and probably not the right way.
Thats why my questions are:
- How can I force OWIN to rewrite the cookie for the current logged on user?
- If the above way is the right way, how do I know if the user wants to have her Cookie persistent or not (SignIn desires this information)?
回答1:
So the samples and templates call SignIn after the user does something that causes the security stamp to change. Unfortunately you do not have a great way to restore the persistent state of the cookie in this scenario, this is something we will try address in a future update.
I filed an issue to track this along with the other related issues around this: https://github.com/aspnet/Identity/issues/135
来源:https://stackoverflow.com/questions/24323330/how-to-rewrite-the-owin-cookie-manually-mvc5