ASP.NET Identity user null after login
Question
Edit 1
Having updated the code to better handle this problem, I'm now running into the following problem:
The provided anti-forgery token was meant for a different claims-based user than the current user.
Here's the updated code:
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
if (result == SignInStatus.Success)
{
var store = new UserStore<ApplicationUser>(new ApplicationDbContext());
var manager = new UserManager<ApplicationUser>(store);
var user = manager.FindById(User.Identity.GetUserId());
GenerateUserCookie(model, user, returnUrl);
}
switch (result)
{
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case SignInStatus.Failure:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
default:
return View(model);
}
private ActionResult GenerateUserCookie(LoginViewModel model, ApplicationUser user, string returnUrl)
{
if (user == null)
{
ModelState.AddModelError("", "Someething went wrong; please try logging in again.");
return View(model);
}
var cookie = new HttpCookie("stman");
if (user.AgentId >= 1) cookie.Values.Add("aid", user.AgentId.ToString());
cookie.Values.Add("wumpus", user.Id.ToString());
Response.Cookies.Add(cookie);
return RedirectToLocal(returnUrl);
}
Original Question
Like the title says, after I log in, the user value returned by the following code is still null.
To actually get a user, I have to open the login screen again (not refresh) and log in again...
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
switch (result)
{
case SignInStatus.Success:
var store = new UserStore<ApplicationUser>(new ApplicationDbContext());
var manager = new UserManager<ApplicationUser>(store);
var user = manager.FindById(User.Identity.GetUserId());
GenerateUserCookie(user);
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
}
}
private void GenerateUserCookie(ApplicationUser user)
{
var cookie = new HttpCookie("stman");
// Throws exception most times since the user is null.
if (user.AgentId >= 1)
{
cookie.Values.Add("aid", user.AgentId.ToString());
}
cookie.Values.Add("wumpus", user.Id.ToString());
Response.Cookies.Add(cookie);
}
1 answers
solution1
3 ACCPTED 2018-09-27 16:52:38
The issue is that User.Identity is unavailable until after you redirect. An easy way around this is to use the username rather than id to get the correct ApplicationUser .
var manager = new UserManager<ApplicationUser>(store);
var user = manager.FindByName(model.UserName);
GenerateUserCookie(user);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.