Why do I get User.Identity.IsAuthenticated false
Question
I get my User.Identity.IsAuthenticated in false. I think this is causing my second problem: I cannot access controllers with [Authorize] decorator.
My code goes:
My
MembershipProviderinheritance, with the implementation onValidateUser:public override bool ValidateUser(string username, string password) { if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password)) return false; var user = DBManager.Context.Usuarios.First(x => x.Nombre == username); if (user.Pass != password) return false; return true; }My
Web.Configauthentication part:<authentication mode="Forms"> <forms loginUrl="~/Account/Login" defaultUrl="~/" timeout="20" slidingExpiration="true" /> </authentication> <membership defaultProvider="Membership"> <providers> <clear /> <add name="Membership" type="SGKS.Security.Membership" /> </providers> </membership>My
Contorller:[HttpGet] [AllowAnonymous] public ActionResult Login() { if (User.Identity.IsAuthenticated) { return RedirectToAction("Index", "Facutra"); } return View(); } [HttpPost] [AllowAnonymous] public ActionResult Login(Login model) { if (ModelState.IsValid) { if (System.Web.Security.Membership.ValidateUser(model.Nombre, model.Pass)) { FormsAuthentication.SetAuthCookie(model.Nombre, model.Recordarme); } ViewBag.Error = "Usuario y/o contraseña incorrectos."; } return View(model); }
1 answers
solution1
0 ACCPTED 2016-07-14 00:20:37
I found the answer here :
When you call
FormsAuthentication.SetAuthCookieupon successful authentication you are adding the authentication cookie to the response . This cookie will be stored on the client browser and will be sent on subsequent requests. So it is only on subsequent requests that the user will be considered as authenticated. So you need to always redirect after calling theSetAuthCookiemethod.
In other words, you need to add RedirectToAction immediately after calling FormsAuthentication.SetAuthCookie .
[HttpPost]
[AllowAnonymous]
// The ASP.NET framework automatically puts a returnUrl query string parameter of the original
// page the user requested. You just need to add that parameter here to gain access to it
// (assuming you want to redirect the user back to the original requested page rather than
// some start page).
public ActionResult Login(Login model, string returnUrl)
{
if (ModelState.IsValid)
{
if (System.Web.Security.Membership.ValidateUser(model.Nombre, model.Pass))
{
FormsAuthentication.SetAuthCookie(model.Nombre, model.Recordarme);
// Redirect so the next request can see the user as authenticated
if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
&& !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
}
ViewBag.Error = "Usuario y/o contraseña incorrectos.";
}
return View(model);
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.