[英]ASP.NET Core (MVC): Can't get to the Login HttpPost action in controller
I'm trying to implement a basic (and rather crude) identification, but I can't seem to actually get to the post action in my controller. 我正在尝试实现基本的(而不是粗略的)标识,但是我似乎无法真正在控制器中进行后期操作。
I have an Account controller that looks like this: 我有一个如下所示的帐户控制器:
[Authorize]
public class AccountController : Controller
{
private ApplicationDbContext _context;
public AccountController(ApplicationDbContext context)
{
_context = context;
}
[HttpGet]
[AllowAnonymous]
public IActionResult Login()
{
return View();
}
[HttpPost]
[ValidateAntiForgeryToken]
public IActionResult Login(Identity model)
{
var t = _context.LoginTable.FirstOrDefault(m => m.UserName == model.UserName);
if (t == null)
return View("Signup");
return View("Index");
}
}
And my razor view be like this: 我的剃刀视图如下所示:
@model MyProject.Models.Identity
@{
ViewData["Title"] = "Login";
Layout = "~/Views/Shared/_Layout.cshtml";
}
<h2>Login</h2>
<form method="post">
<div class="form-group">
@Html.LabelFor(m => m.UserName)
@Html.TextBoxFor(m => m.UserName, new { @class = "form-control" })
</div>
<div class="form-group">
@Html.LabelFor(m => m.Password)
@Html.TextBoxFor(m => m.Password, new { @class = "form-control", @type = "password" })
</div>
<button type="submit" name="login" value="Login">Login</button>
</form>
And in my startup.cs - the middle-ware is like this: 在我的startup.cs中-中间件是这样的:
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseAuthentication();
app.UseStaticFiles(); // serve static files (bootstrap, jQuery, css, etc.) first
app.UseMvc(ConfigureRoutes);
app.Run(async (context) =>
{
await context.Response.WriteAsync("Hello World!");
});
}
When I click the submit button - in debug mode I see I do hit the GET method, but not the POST. 单击提交按钮时-在调试模式下,我确实单击了GET方法,但未单击POST。
What did I miss? 我错过了什么?
EDIT: Another thing that might be in use, is that every time I try to submit the login form, the url is added with another account%...login%... ie 1st time: 编辑:可能正在使用的另一件事是,每次我尝试提交登录表单时,该URL都会添加另一个帐户%... login%...即第一次:
http://localhost:64191/Account/Login?ReturnUrl=%2F HTTP://本地主机:64191 /帐号/登录RETURNURL =%2F
2nd time: 第二次:
http://localhost:64191/Account/Login?ReturnUrl=%2FAccount%2FLogin%3FReturnUrl%3D%252F HTTP://本地主机:64191 /帐号/登录RETURNURL =%2FAccount%2FLogin%3FReturnUrl%3D%252F
etc. 等等
See comments. 看评论。 Turns out that the authorization controller needs to be open. 原来需要打开授权控制器。 So, removing the [Authorize]
filter on the controller allows the POST to reach the action inside of that controller. 因此,删除控制器上的[Authorize]
过滤器可使POST到达该控制器内部的动作。
When that filter was in place, the POST hits that filter, checks to see if the user is authorized, and then redirects them to the GET before the user ever reaches the POST action. 放置好该过滤器后,POST会点击该过滤器,检查用户是否获得授权,然后在用户到达POST操作之前将其重定向到GET。
Glad that worked. 很高兴。 Leaving the other answer in place below (a) to keep myself honest (original answer was wrong) and (b) in case someone else runs into that common problem... 将其他答案留在下面(a)以使自己诚实(原始答案是错误的)和(b)万一其他人遇到该常见问题...
Try adding [FromBody] in front of the model, so mvc knows you want to pull that model from the post body. 尝试在模型前面添加[FromBody],因此mvc知道您要从帖子主体中提取该模型。
[HttpPost]
[ValidateAntiForgeryToken]
public IActionResult Login([FromBody] Identity model) {
... etc ....
}
Its a really common miss with my dev team (especially converting from older .net apps). 这对我的开发团队来说是一个非常常见的失误(尤其是从较旧的.net应用转换)。
[HttpPost]
[ValidateAntiForgeryToken]
public IActionResult Login(Identity model)
Here you request the AntiForgeryToken
but you don't provide it in your view. 在这里,您需要AntiForgeryToken
但您未在视图中提供它。 You need to add it inside the form. 您需要将其添加到表单中。
<form method="post">
@Html.AntiForgeryToken()
...
</form>
You can also make this automatically by adding a filter to mvc option: 您还可以通过向mvc选项添加过滤器来自动进行此操作:
services.AddMvc(options =>
{
options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute());
});
Your action from the controller will look like this: 您从控制器执行的操作将如下所示:
[HttpPost]
public IActionResult Login(Identity model)
And the view: 和视图:
<form method="post">
...
</form>
Also the HttpGet action has [AllowAnonymous]
attribute, the HttpPost action should have it too. HttpGet操作也具有[AllowAnonymous]
属性,HttpPost操作也应该具有它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.