locked
Asp MVC URL doesn't redirect to index after successful authentication RRS feed

  • Question

  • User1787915951 posted

    In my ASP MVC web application, when I try to authenticate using email and password to log in. The URL redirect doesn't allow me to pass to the main page after successful authentication.

    When I enter on login page the URL on localhost is something like this: http://localhost:3535/account/login?ReturnUrl=%2F

    When I fill the login form with the correct credentials I got this: http://localhost:3535/account/login?ReturnUrl=%2Fhome%2FManager

    Instead of: http://localhost:3535/account/Manager

    About OwinAuthentication, using external login to authenticate such as Google and Microsoft, both works without any issue, I only got a problem on manual login.

    my code:

       public class RouteConfig
    {
        public static void RegisterRoutes(RouteCollection routes)
        {
            routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
    
            routes.MapRoute(
                name: "DefaultEn",
                url: "en/{controller}/{action}/{id}",
                defaults: new { language = "en", controller = "data", action = "index", id = UrlParameter.Optional },
                constraints: new { controller = "data" },
                namespaces: new[] { "Portal.Controllers" }
            );
    
            routes.MapRoute(
                name: "Default",
                url: "{controller}/{action}/{id}",
                defaults: new { controller = "Home", action = "Index", id = UrlParameter.Optional }
            );
        }
    }
     [AllowAnonymous]
        public ActionResult Login(string returnUrl)
        {
            if (!string.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl) && returnUrl.Contains(nameof(windowsLogOff)))
            {
                return RedirectToAction(nameof(Login));
            }
    
            if (User.Identity.IsAuthenticated)
            {
                return RedirectToAction(nameof(windowsLogOff), new { returnUrl = returnUrl });
            }
    
            if (OwinAuthentication.AuthenticationTypes._ActiveAuthenticationsList.Count == 1 && Portal.Commons.Models.Configuration.ByPassAuthentication)
            {
                return RedirectToAction(nameof(ExternalLoginRedirect), new { returnUrl = returnUrl, provider = OwinAuthentication.AuthenticationTypes._ActiveAuthenticationsList[0].AuthenticationTypeDefault });
            }
    
            return View();
        }
    
        [HttpPost]
        [ValidateAntiForgeryToken]
        [AllowAnonymous]
        public ActionResult Login(LoginViewModel model)
        {
            if (ModelState.IsValid)
            {
                using (var db = new appDbContext())
                {
                    var encodedPWD = Sha256(model.Password);
                    var obj = db.Users.Where(a => a.Email.Equals(model.Email) && a.PasswordHash.Equals(encodedPWD)).FirstOrDefault();
                    if (obj != null)
                    {
                        Session["id"] = obj.Id.ToString();
                        Session["name"] = obj.name.ToString();
                        Session["email"] = obj.Email.ToString();
    
                        return RedirectToAction("Manager", "home");
                    }
    
                    ModelState.AddModelError("", "Email or Password is invalid!.");
                }
            }
            return View(model);
        }  

    Wednesday, April 28, 2021 12:14 PM

All replies

  • User-474980206 posted

    You custom login only updates session and redirects to account/home, which probably requires authentication, thus the redirect to the authentication url. You need to create a custom authentication provider that creates HttpContext.Identity from the session cookie you set.

    Wednesday, April 28, 2021 2:31 PM
  • User1787915951 posted

    That makes sense , i will create a  custom authentication provider .

    Thank you,

    PM

    Wednesday, April 28, 2021 3:36 PM
  • User287926715 posted

    Hi Pratykus,

    If you use Identity for authentication, have you set loginPath?For example:

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
    ... ...
    LoginPath = new PathString("/Account/Login"),
    ... ...
    });

    Best Regards,

    ChaoDeng

    Thursday, April 29, 2021 6:52 AM