New Asp.Net MVC5 project produces an infinite loop to login page

Question

I am creating a brand new projet with Visual Studio 2013, I choose Asp.Net MVC and the framework 4.5.1 The project is created, then, I do nothing else than F5 to start the d

Answer 1

TL:DR? Do not call a protected web API (any web API which requires Authorization) from an authorization page such as ~/Account/Login (which, by itself, does NOT do this.). If you do you will enter into an infinite redirect loop on the server-side.

Cause

I found that the culprit was, indirectly, AccountController::Authorize and the fact that AccountController is decorated with [Authorize].

The root cause was Sammy() being called from HomeViewModel() (Line 6 of home.viewmodel.js), which was accessing a "protected web API". This was being done for /Account/Login, which resulted in /Account/Login redirecting to itself.

Confirmation

You can confirm this is the cause of your problem through several methods:

1. Decorate AccountController::Authorize with [AllowAnonymous]
2. Comment out the Sammy() calls made during viewmodel construction.

Solution

The solution was to only emit the app bundle (a.k.a "~/bundles/app") for views which already required authorization. To my knowledge /Account/ views are classic MVC-based views, and are not part of the app datamodel/viewmodel, but I had mistakenly moved the bundle Scripts.Render(@"~/bundles/app") call into _Layout.cshtml (causing protected web API calls to be made for all MVC views, including /Account/.)