Click here to Skip to main content
14,735,614 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
OK I'v researched and tried every single suggestion (individually of course) before posting this and I hit a wall every time

This is my log in view I used ViewBag to pass the ReturnUrl value as I've seen in many answers to this problem

<h2>Login</h2>
    @using (Html.BeginForm("Login", "Account", new { ReturnUrl = ViewBag.ReturnUrl }, FormMethod.Post, new { role = "form" }))
    {
        @Html.AntiForgeryToken()
  

      ...............


And this is the login action result

[HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult Login(UserLogin login, string returnUrl="")
    {
        string message = "";
        using (NerdsContext nc = new NerdsContext())
        {
            var v = nc.User.Where(a => a.email == login.email).FirstOrDefault();
            if (v != null)
            {
                if (!v.IsEmailVerified)
                {
                    ViewBag.Message = "Please verify your email first";
                    return View();
                }
                if (string.Compare(Crypto.Hash(login.password), v.password) == 0)
                {
                    int timeout = login.rememberMe ? 525600 : 20; // 525600 min = 1 year
                    var ticket = new FormsAuthenticationTicket(login.email, login.rememberMe, timeout);
                    string encrypted = FormsAuthentication.Encrypt(ticket);
                    var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted);
                    cookie.Expires = DateTime.Now.AddMinutes(timeout);
                    cookie.HttpOnly = true;
                    Response.Cookies.Add(cookie);

                    //Redirect the user to new url
                    if (Url.IsLocalUrl(returnUrl))
                    {
                        ViewBag.ReturnUrl = returnUrl;
                        return Redirect(returnUrl);
                       
                    }
                    else
                    {
                        return RedirectToAction("Nerd", "Home");
                    }
                }
                else
                {
                    message = "Invalid credential provided";
                }
            }
            else
            {
                message = "Invalid credential provided";
            }
        }
        ViewBag.Message = message;
        return View();
    }

And finally this is the lines I added in web.config file

<authentication mode="Forms">
          <forms cookieless="UseCookies"  loginUrl="/Account/Login"  timeout="30" slidingExpiration="true" protection="All"></forms>
        </authentication>

And when I run this I never get to actually login it always send me back to the login page and the value of the returnUrl is always null
So what is going on here????


What I have tried:

I've seen lots of posts about this issue and tried almost all of them but with no use..I'd appreciate any help here
Posted
Updated 11-Oct-17 7:07am

I am not very sure about the solution, but i can offer you two options:

1) In your UserLogin class add a property called returnUrl. Then, in the html form puet a input of type hidden whit this value (in order to be included in the UserLogin). Obviously in the controller you will recibe only one parameter of type UserLogin and you can access the returnUrl from there.

2) Instead of call your parameters ReturnUrl (in your html code) and returnUrl (in the controller), call both with exactlly the same case (or both ReturnUrl or both returnUrl).

I hope this suggestions will help you.
   
Comments
RashaSalim 9-Oct-17 5:34am
   
Thanks a lot for your reply I'll try this and let you know what happens
RashaSalim 9-Oct-17 6:24am
   
OK there is a progress now the return Url has a value but still my user is redirected to the login page as if he didn't grant authentication...I think part of the problem is the lack of full understanding on my behalf, I post this in another forum and someone pointed out that I don't have a code for user actually logging in
do you have any other ideas?
Thanks
Member 7870345 9-Oct-17 7:16am
   
I am sorry, but I dont understand what do you mean.
Reading the code there are several case:
a) is a invalid user then ViewBag.Message = "Invalid credential provided" and the Login view is showed again (with ViewBag.Message == "Invalid credential provided")
b) is a valid user and the email is not verified then ViewBag.Message = "Please verify your email first" and the Login view is showed again (with ViewBag.Message == "Please verify your email first")
c) is a valid user and then email is verified and the password is ok, then the cookie with the identification is set and
c.1) if the returnUrl is local then the user is redirected to returnUrl
c.2) if the returnUrl is not local then the user is redirected to RedirectToAction("Nerd", "Home");
d) is a valid user and then email is verified and the password is not ok, then ViewBag.Message = "Invalid credential provided" and the Login view is showed again (with ViewBag.Message == "Invalid credential provided").

Wich is the behavior that do you want? Wich are the diferences between your requeriments and the code?
RashaSalim 9-Oct-17 8:59am
   
I used the debugger and everything looks fine it is actually executing the if (Url.IsLocalUrl(ReturnUrl)) statement
and this is the url in the browser
http://localhost:49408/Account/Login?ReturnUrl=%2FHome%2FNerd

but it never goes to the (/Home/Nerd) it goes back to login page without any message displayed...so why do you think is that, why the user is not granting access to the page
this is the Nerd action method in Home Controller
[Authorize]
public ActionResult Nerd()
{
return View();
}
Member 7870345 10-Oct-17 3:04am
   
Please put a breakpoint in the sentence "if (Url.IsLocalUrl(ReturnUrl))" and another breakpoint "public ActionResult Nerd()".
Then execute the code, and watch what is the value of "ReturnUrl" (please tell in a message this value). Let the code continue executing and watch if the second breakpoint (in the public ActionResult Nerd()) is executed or not.
OK after much search I found my answer here
authentication - Asp.net MVC ReturnUrl value always null - Stack Overflow[^]


I had to add these line in my web.config's modules inside system.WebServer

<remove name="FormsAuthentication" />
          <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900