I am working on a legacy ASP.NET webforms application which is nearly 18 years old. It uses a simple form-based authentication where the users enter their username/password and the user is authenticated by matching the username/password saved in the Users table.
Now I am tasked with creating a separate ASP.NET Core 6.0 application with identity and razor pages which will be used to log into the above-mentioned old website and use two-factor authentication.
I have created all the identity tables such as AspNetUsers using migrations. I also moved all the rows from the old Users table to this AspNetUsers table.
Now, when the old users try to log in, I will check that the username is present and it matches the old password they entered. After that, I want to direct them to the ChangePassword.cshtml razor page. The user probably should not be asked to enter the old password, since the cryptography used by the old application and the ASP.NET Core Identity will be different.
When they enter the password and confirm the password textboxes, the password should be updated and they can now log in using ASP.NET Core Identity. I would like to know how this can be achieved. Any help is greatly appreciated.