site acting strange!

Question

User-1101529841 posted

Hi,

I have a site, when i first load it goes to main.aspx, if i try to login it will keep redirecting to the same page (won't login) until i browse some other page where it checks if the user is logged in, and since the user is not logged in it will redirect to the first page (main.aspx) then i can try to login again and this time it will work.

everything goes well after that, if i logout and try to login again, no problems but the problem will come back if i close the browser and open it again, no problems as long as the internet is open!

is this something to do with cookies? how to delete cookies when browser closes!

 protected void btnlogin_Click(object sender, EventArgs e)
    {

        UserStore<IdentityUser> userStore = new UserStore<IdentityUser>();
        userStore.Context.Database.Connection.ConnectionString = System.Configuration.ConfigurationManager.ConnectionStrings["GarageConnectionString"].ConnectionString;

        UserManager<IdentityUser> manager = new UserManager<IdentityUser>(userStore);

        var user = manager.Find(txtUserName.Text, txtPassword.Text);

        if (user != null && (user.UserName == "rwahdan" || user.UserName == "fhabib"))
        {

            var authinticationManager = HttpContext.Current.GetOwinContext().Authentication;
            var userIdentity = manager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);

            authinticationManager.SignIn(new AuthenticationProperties
            {

                IsPersistent = false

            }, userIdentity);
            Response.Redirect("~/Pages/Management/Index.aspx");

        }
        else
        {

            Response.Redirect("~/Main.aspx");

        }

    }

after a lot of search i realized that this is cause by Owin cookies but why is it happening and how to avoid it and still use owin? 

here is the site demo:

http://www.totahonlinestore.com/main.aspx

username: 123

password: 123456

if you try it will return back with owin backurl, go to either links on the sides then click on the product picture then on the next page click "add product", after that click on home link. now try again logging in, user 123 and pass 123456, it will!

here is the code for the "add product"

protected void btnAdd_Click(object sender, EventArgs e)
    {

        if (!string.IsNullOrWhiteSpace(Request.QueryString["id"]))
        {
            string clientId = Context.User.Identity.GetUserId();
            if (clientId != null)
            {

                int id = Convert.ToInt32(Request.QueryString["id"]);
                int amount = Convert.ToInt32(ddlAmount.SelectedValue);

                cart cart = new cart
                {

                    Code = lblcode.Text,
                    AMOUNT = amount,
                    PRODUCTID = id,
                    CLIENTID = clientId,
                    DATEPURCHASED = DateTime.Now,
                    ISINCART = true,

                };

                CartModel model = new CartModel();
                lblResult.Text = model.InsertCart(cart);

               
            }
            else
            {
                Class1.productadded = 3;
            }
        }

        add_subproducts();
        Response.Redirect("~/frederic/Index.aspx");
        
    }

    private void add_subproducts()
    {

        if (!string.IsNullOrWhiteSpace(Request.QueryString["id"]))
        {
            string clientId = Context.User.Identity.GetUserId();
            if (clientId != null)
            {

                Class1.productadded = 1;

                foreach (GridViewRow row in GridView1.Rows)
                {
                    if (row.RowType == DataControlRowType.DataRow)
                    {
                     
                        DropDownList ddlchildamount = (DropDownList)row.FindControl("DropDownList1");
                        Label thecode = (Label)row.FindControl("Label3");
                        Label theid = (Label)row.FindControl("Label1");

                        string thecode2 = thecode.Text.ToString();

                        int theid2 = Convert.ToInt32(theid.Text);

                        ChildProductModel childmodel = new ChildProductModel();
                        ChildProduct childproduct = childmodel.GetChildProduct(theid2);
                        
                        string ddl = ddlchildamount.SelectedValue;


                        if (ddl != "0")
                        {

                            int amount2 = Convert.ToInt32(ddlchildamount.SelectedValue);

                            sub_cart subcart2 = new sub_cart
                            {

                                ChildID = Convert.ToInt32(theid.Text),
                                ClientID = clientId,
                                ChildCode = thecode2,
                                ChildAmount = Convert.ToInt32(ddlchildamount.SelectedValue),
                                DatePurchased = DateTime.Now,
                                IsInCart = true,

                            };

                            SubCartModel submodel1 = new SubCartModel();
                            lblResult.Text = submodel1.InsertSubCart(subcart2);
                        }

                    }

                }

            }
        }
    }

Thanks. 

Answer 1

User-2057865890 posted

Hi ramiwahdan,

If the application uses OWIN CookieAuthentication instead of using FormsAuthentication to generate the cookie, ensure the web.config settings like this

<system.web>
  <authentication mode="None" />    
</system.web>

<system.webServer>
  <modules>
    <remove name="FormsAuthentication" />
  </modules>
</system.webServer>

ASP.NET Identity with webforms

Best Regards,

Chris Zhao

Answer 2

User287680046 posted

Thanks for the reply Chris Zhao,

I tried to do as you said, it is still doing the same thing! I am not sure why is this happening to me! this is happening either i run it on local server or hosted server. every time i go to my site it lands on ...../main.aspx and when i try to login it will redirect to the same page .../main.aspx. the only way for it to work is to go to other page (frederic or forever) and click an image (product) then if i go back again to main.aspx and try to login then it works. everytime i close the browser and re-open it, this is happening. after the first attempt, if i keep the browser open it will work fine (login and logoff) many times no problem. it is weird and getting out of my hand!

Can you take a look at this please (demo site) and tell me what you notice? i am suspecting cookies are not cleared or something i am doing wrong with owin!

Site:                            www.totahonlinestore.com

Admin Portal:

                                 username: rwahdan

                                 password: fatima2010

I don't have a problem if i ran the application on the mobile! is it something with my machine?

Thanks.

Answer 3

User-2057865890 posted

Hi ramiwahdan,

You have two login page.

Page A: http://www.totahonlinestore.com/Main.aspx
Page B: http://www.totahonlinestore.com/Forever/Pages/Account/Login.aspx

Two accounts.

Account A: username: rwahdan password: fatima2010

Account B: username: 123 password: 123456

I tried using Account B to login yesterday.

Result:

Login on Page A: it redirects to Page A

Login on Page B: it works

What I have tried just now is

Using Account B login

Login on Page A: it redirects to Page A

Login on Page B: it redirects to Page B

Using Account A login

Login on Page A: it works

Login on Page B: it works

1. Ensure both sides(Page A and Page B login) are logically consistent.

if (user != null && (user.UserName == "rwahdan" || user.UserName == "fhabib"))

2. Based on the code above, it only allows account name="rwahdan" or "fhabib" to login, otherwise it redirects to main page. Change the code like this

if (user != null)

Best Regards,

Chris