First of all, I'm aware of this question: MVC 5 AddToRole requires logout before it works?
and this one: What is ASP.NET Identity's IUserSecurityStampStore
For ASP.NET Core Identity 2 the solution is to use:
    services.Configure<SecurityStampValidatorOptions>(options =>
    {
        options.ValidationInterval = TimeSpan.FromMinutes(1);
    });

This forces an update every minute; use TimeSpan.Zero to force an update every time the user accesses the page (note that a database request is then performed every time).
Also make sure that, if you overwrite the cookie events, you do not use:

    services.ConfigureApplicationCookie(options =>
    {
        options.Events = new CookieAuthenticationEvents()
        {
            ...
        };
    });

Instead, overwrite the events you need directly, as otherwise validation is not called:

    services.ConfigureApplicationCookie(options =>
    {
        options.Events.OnRedirectToLogin = ctx =>
        {
            ...
        };
    });
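
The two settings above combined, as an added example that is not part of the original answer: it shortens the validation interval and customizes cookie events while keeping the OnValidatePrincipal handler that Identity registers. The class and method names are hypothetical, and it assumes the method is called after services.AddIdentity(...) so that Identity's cookie defaults are already in place.

```csharp
using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.DependencyInjection;

public static class IdentityCookieSetup // hypothetical helper class
{
    // Assumption: call this AFTER services.AddIdentity<TUser, TRole>(); options
    // delegates run in registration order, and Identity's own delegate assigns
    // a new Events object with the security stamp validator attached.
    public static IServiceCollection AddStampRevalidation(this IServiceCollection services)
    {
        services.Configure<SecurityStampValidatorOptions>(options =>
        {
            // Re-check the security stamp (and rebuild the claims) every minute.
            options.ValidationInterval = TimeSpan.FromMinutes(1);
        });

        services.ConfigureApplicationCookie(options =>
        {
            // Keep the handler Identity registered and run it first, so a
            // changed security stamp still rejects the cookie.
            var identityValidation = options.Events.OnValidatePrincipal;
            options.Events.OnValidatePrincipal = async ctx =>
            {
                await identityValidation(ctx);
                if (ctx.Principal == null) return; // rejected by the stamp check
                // Application-specific checks would go here.
            };

            // Change only the event that is needed; all other handlers stay intact.
            options.Events.OnRedirectToLogin = ctx =>
            {
                ctx.Response.StatusCode = 401; // e.g. for API clients: no redirect
                return Task.CompletedTask;
            };

            // If a fresh CookieAuthenticationEvents object cannot be avoided,
            // re-attach the validator explicitly:
            //   OnValidatePrincipal = SecurityStampValidator.ValidatePrincipalAsync
        });

        return services;
    }
}
```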