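/// <summary>
/// Saves the submitted account settings: profile fields, an optional password
/// change, and the account's role.
/// </summary>
/// <param name="model">
/// Request-bound settings. <c>Email</c> selects the account to edit and
/// <c>RoleId</c> selects its role, so both are attacker-controllable and are
/// checked against the signed-in caller before anything is changed.
/// </param>
/// <returns>
/// A redirect to the "Profile" action on success, otherwise the "Settings"
/// view with the validation errors.
/// </returns>
/// <remarks>
/// NOTE(review): no attributes are visible on this action. Confirm that it is
/// restricted to authenticated POST requests with antiforgery validation.
/// </remarks>
public async Task<IActionResult> SaveProfile(AccountSettingsModel model)
{
    // Presumably repopulates the role list that the "Settings" view renders - confirm.
    GetRoles();

    if (!ModelState.IsValid)
    {
        return View("Settings", model);
    }

    var callerIsAdmin = User.IsInRole("Admin");
    var user = await _userManager.FindByEmailAsync(model.Email);

    // The target account is chosen by a request field, so a non-admin caller must
    // only ever reach their own account. The same message is used for "not found"
    // and "not yours" so the response does not reveal which e-mails are registered.
    var isOwnAccount = user != null
        && _userManager.GetUserId(User) == await _userManager.GetUserIdAsync(user);
    if (user == null || (!callerIsAdmin && !isOwnAccount))
    {
        ModelState.AddModelError(string.Empty, "The account could not be updated");
        return View("Settings", model);
    }

    // Resolve and authorize the role before mutating anything. An unknown RoleId
    // is a validation error rather than an unhandled exception.
    var role = _roleManager.Roles.FirstOrDefault(r => r.Id == model.RoleId)?.Name;
    if (role == null)
    {
        ModelState.AddModelError("RoleId", "Select a valid role");
        return View("Settings", model);
    }

    var userRole = (await _userManager.GetRolesAsync(user)).FirstOrDefault();
    var roleChanges = role != userRole;
    if (roleChanges && !callerIsAdmin)
    {
        // RoleId comes from the form; without this check any user could assign
        // themselves a more privileged role.
        ModelState.AddModelError("RoleId", "You are not allowed to change the role of this account");
        return View("Settings", model);
    }

    // NOTE(review): the mapper copies request-bound fields onto the account and its
    // body is not visible here. Confirm it copies only fields a user may edit.
    _mapper.AccountSettingsModelToApplicationUser(model, user);

    var wantsPasswordChange = !string.IsNullOrEmpty(model.OldPassword)
        || !string.IsNullOrEmpty(model.NewPassword)
        || !string.IsNullOrEmpty(model.NewPasswordConfirmation);
    if (wantsPasswordChange)
    {
        if (string.IsNullOrEmpty(model.OldPassword))
        {
            ModelState.AddModelError("OldPassword", "Enter your current password to change it");
            return View("Settings", model);
        }

        if (string.IsNullOrEmpty(model.NewPassword))
        {
            ModelState.AddModelError("NewPassword", "Enter your new password to change it");
            return View("Settings", model);
        }

        // Defensive: the confirmation field was never compared in this action.
        if (model.NewPassword != model.NewPasswordConfirmation)
        {
            ModelState.AddModelError("NewPasswordConfirmation", "The new password and its confirmation do not match");
            return View("Settings", model);
        }

        var result = await _userManager.ChangePasswordAsync(user, model.OldPassword, model.NewPassword);
        if (!result.Succeeded)
        {
            // Only a mismatch means the current password was wrong; other failures
            // (e.g. password policy) are reported against the new password.
            if (result.Errors.Any(e => e.Code == "PasswordMismatch"))
            {
                ModelState.AddModelError("OldPassword", "Incorrect password, please enter your current password to change it");
            }
            else
            {
                foreach (var error in result.Errors)
                {
                    ModelState.AddModelError("NewPassword", error.Description);
                }
            }

            return View("Settings", model);
        }
    }

    if (roleChanges)
    {
        // An account without any role has nothing to remove.
        if (userRole != null)
        {
            var removal = await _userManager.RemoveFromRoleAsync(user, userRole);
            if (!removal.Succeeded)
            {
                ModelState.AddModelError("RoleId", "The role could not be changed");
                return View("Settings", model);
            }
        }

        var grant = await _userManager.AddToRoleAsync(user, role);
        if (!grant.Succeeded)
        {
            ModelState.AddModelError("RoleId", "The role could not be changed");
            return View("Settings", model);
        }
    }

    var saved = await _userManager.UpdateAsync(user);
    if (!saved.Succeeded)
    {
        foreach (var error in saved.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }

        return View("Settings", model);
    }

    await HttpContext.RefreshLoginAsync();

    if (callerIsAdmin)
    {
        return RedirectToAction("Profile", new { userId = user.Id });
    }

    return RedirectToAction("Profile");
}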