I have a Web Application in MVC 6 (Asp.Net One Core), and I'm using Claims based authentication. In the Login method I set the Claims:
var claims = new Claim
new Claim("Name", content.Name),
new Claim("Email", content.Email),
new Claim("RoleId", content.RoleId.ToString()),
var ci = new ClaimsIdentity(claims, "password");
await HttpContext.Authentication.SignInAsync("Cookies", new ClaimsPrincipal(ci));
I have to SignOutAsync and SignInAsync again in order to update the cookie?
Answer is yes.
Easiest way is you can manually sign-out and sign-in (create claims again) inside the same action method where you are updating the email.
The best solution is to save this into a classic session?
I suggest not to do that. Using session state explicitly is a bad practice in ASP.Net MVC.