In my ASP MVC web application, when I try to authenticate using email and password to log in. The URL redirect doesn't allow me to pass to the main page after successful authentication.
[AllowAnonymous]
public ActionResult Login(string returnUrl)
{
if (!string.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl) && returnUrl.Contains(nameof(windowsLogOff)))
{
return RedirectToAction(nameof(Login));
}
if (User.Identity.IsAuthenticated)
{
return RedirectToAction(nameof(windowsLogOff), new { returnUrl = returnUrl });
}
if (OwinAuthentication.AuthenticationTypes._ActiveAuthenticationsList.Count == 1 && Portal.Commons.Models.Configuration.ByPassAuthentication)
{
return RedirectToAction(nameof(ExternalLoginRedirect), new { returnUrl = returnUrl, provider = OwinAuthentication.AuthenticationTypes._ActiveAuthenticationsList[0].AuthenticationTypeDefault });
}
return View();
}
[HttpPost]
[ValidateAntiForgeryToken]
[AllowAnonymous]
public ActionResult Login(LoginViewModel model)
{
if (ModelState.IsValid)
{
using (var db = new appDbContext())
{
var encodedPWD = Sha256(model.Password);
var obj = db.Users.Where(a => a.Email.Equals(model.Email) && a.PasswordHash.Equals(encodedPWD)).FirstOrDefault();
if (obj != null)
{
Session["id"] = obj.Id.ToString();
Session["name"] = obj.name.ToString();
Session["email"] = obj.Email.ToString();
return RedirectToAction("Manager", "home");
}
ModelState.AddModelError("", "Email or Password is invalid!.");
}
}
return View(model);
}
and my routeConfig code:
public class RouteConfig
{
public static void RegisterRoutes(RouteCollection routes)
{
routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
routes.MapRoute(
name: "DefaultEn",
url: "en/{controller}/{action}/{id}",
defaults: new { language = "en", controller = "data", action = "index", id = UrlParameter.Optional },
constraints: new { controller = "data" },
namespaces: new[] { "Portal.Controllers" }
);
routes.MapRoute(
name: "Default",
url: "{controller}/{action}/{id}",
defaults: new { controller = "Home", action = "Index", id = UrlParameter.Optional }
);
}
}
When I enter on login page the URL on localhost is something like this: http://localhost:3535/account/login?ReturnUrl=%2F
When I fill the login form with the correct credentials I got this: http://localhost:3535/account/login?ReturnUrl=%2Fhome%2FManager
Instead of: http://localhost:3535/account/Manager
About OwinAuthentication
, using external login to authenticate such as Google and Microsoft, both works without any issue, I only got a problem on manual login.
I have found that the solution to solve this issue is creating a Custom Authentication and Authorization for my custom local login.
My custom login only updates session and redirects to account/index, which probably requires authentication, thus the redirect to the authentication url.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.