ASP.NET MVC5 Identity: Avoid changing logged-in user after registration

Question

I want to change the default Register Action of MVC5 ASP.NET Application.My Scenario is such that authorized users (such as admin) will login and they can create new users. However using below snippet, after creating user, current logged-in user will change to registered user.

How can I change below code to avoid changing logged-in user?

// POST: /Account/Register
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task Register(RegisterViewModel model)
{
    if (ModelState.IsValid)
    {
        var user = new ApplicationUser() { UserName = model.UserName,Name=model.Name };
        var result = await UserManager.CreateAsync(user, model.Password);
        if (result.Succeeded)
        {
            await SignInAsync(user, isPersistent: false);
            return RedirectToAction("Index", "Home");
        }
        else
        {
            AddErrors(result);
        }
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}

VSB · Accepted Answer

Remove SignInAsync and add [Authorize] annotation:

[HttpPost]
[Authorize]
[ValidateAntiForgeryToken]
public async Task Register(RegisterViewModel model)
{
    if (ModelState.IsValid)
    {
        var user = new ApplicationUser() { UserName = model.UserName,Name=model.Name };
        var result = await UserManager.CreateAsync(user, model.Password);
        if (result.Succeeded)
        {
            //await SignInAsync(user, isPersistent: false);
            return RedirectToAction("Index", "Home");
        }
        else
        {
            AddErrors(result);
        }
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}

ASP.NET MVC5 Identity: Avoid changing logged-in user after registration

Answers (2)

Related Questions