public ActionResult ConfirmPasswordReset(string token, string email) { //check token is valid for email, then sign in user and go to password change var userManager = new UserManager(); var user = userManager.GetUserFromResetToken(email, token); if (user != null) { userManager.AssignNewSessionToken(user.ID, true); //sign in user PerformCoreLogin(user); //proceed to password change TempData["IsCurrentPasswordRequired"] = false; return RedirectToAction("ChangePassword", "Profile"); } return View(); }
public ActionResult SignOut() { if (Session["UserID"] != null) { // assign fresh session token for next login var userManager = new UserManager(); userManager.AssignNewSessionToken((int)Session["UserID"]); } //clear cookies & set new session token UpdateCookie(Response, "IdentityProvider", ""); UpdateCookie(Response, "Identifier", ""); UpdateCookie(Response, "Username", ""); UpdateCookie(Response, "OCMSessionToken", ""); UpdateCookie(Response, "AccessPermissions", ""); //clear session Session.Abandon(); return RedirectToAction("Index", "Home"); }