Question
I have an AccountController where users can log in, and an area named Admin which users have to be authorized to see. When users log in with the correct username and pw, it redirects to the same page again (../Account/Login?ReturnUrl=%2FAdmin)
AccountController
    public class AccountController : Controller
    {
        [AllowAnonymous]
        public ActionResult Login()
        {
            return View();
        }

        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public ActionResult Login(LoginModel model, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                if (model.Username == "User" && model.Password == "Pa$$W0rd")
                {
                    FormsAuthentication.SetAuthCookie(model.Username, model.RememberMe);
                    if (!string.IsNullOrWhiteSpace(returnUrl))
                    {
                        return Redirect(returnUrl);
                    }
                    return RedirectToAction("Index", "Admin", new { area = "Admin"});
                }
                ModelState.AddModelError("", "Brukernavn og/eller passord er feil");
            }
            return View();
        }
    }
AdminController in area Admin
    [Authorize]
    public class AdminController : HimmelhoytControllerBase
    {
        public ActionResult Index()
        {
            return View();
        }
    }
View Login
    @model Himmelhoyt.Models.AccountModels.LoginModel
    @{
        ViewBag.Title = "Logg inn";
    }
    @using (Html.BeginForm("Login", "Account", FormMethod.Post, new { @class = "form-signin" }))
    {
        <text>
        @Html.AntiForgeryToken()
        @Html.LabelFor(m => m.Username, new { @class = "sr-only" }) @Html.EditorFor(m => m.Username, new { htmlAttributes = new { @class = "form-control", placeholder = "Brukernavn", autofocus = "autofocus" } })
        @Html.ValidationMessageFor(m => m.Username, "", new { @class = "bg-danger validationMessage" })
        @Html.LabelFor(m => m.Password, new { @class = "sr-only" }) @Html.EditorFor(m => m.Password, new { htmlAttributes = new { @class = "form-control", placeholder = "Passord", type = "password" } })
        @Html.ValidationMessageFor(m => m.Password, "", new { @class = "bg-danger validationMessage" })
        <br/>
        @Html.EditorFor(x => x.RememberMe@*, new { htmlAttributes = new { @class = "checkbox" } }*@) @Html.LabelFor(m => m.RememberMe)
        @Html.ValidationMessageFor(m => m.RememberMe)
        <br />
        @Html.Submit("Logg på", new { @class = "btn btn-lg btn-primary btn-block" })
        @Html.ValidationSummary(true)
        </text>
    }
In the Account-controller, return RedirectToAction("Index", "Admin", new { area = "Admin" }); is executed, but as I said, it only redirects to the same page.
EDITED Web.config
    <configuration>
      <configSections>
        <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
      </configSections>
      <connectionStrings>
        <add name="DefaultConnection" connectionString="Data Source=(LocalDb)\v11.0;AttachDbFilename=|DataDirectory|\aspnet-Himmelhoyt-20140831071527.mdf;Initial Catalog=aspnet-Himmelhoyt-20140831071527;Integrated Security=True" providerName="System.Data.SqlClient" />
        <add name="HimmelhoytDb" connectionString="data source=(localdb)\v11.0;initial catalog=Himmelhoyt;integrated security=True;MultipleActiveResultSets=True;App=EntityFramework" providerName="System.Data.SqlClient" />
      </connectionStrings>
      <appSettings>
        <add key="webpages:Version" value="3.0.0.0" />
        <add key="webpages:Enabled" value="false" />
        <add key="ClientValidationEnabled" value="true" />
        <add key="UnobtrusiveJavaScriptEnabled" value="true" />
      </appSettings>
      <system.web>
        <!--<authentication mode="None" />-->
        <authentication mode="Forms">
          <forms loginUrl="/Account/Login" />
        </authentication>
        <compilation debug="true" targetFramework="4.5" />
        <httpRuntime targetFramework="4.5" />
      </system.web>
      <system.webServer>
        <modules>
          <remove name="FormsAuthentication" />
        </modules>
      </system.webServer>
      <runtime>
        <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
          <dependentAssembly>
            <assemblyIdentity name="Newtonsoft.Json" culture="neutral" publicKeyToken="30ad4fe6b2a6aeed" />
            <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="System.Web.Optimization" publicKeyToken="31bf3856ad364e35" />
            <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="1.1.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />
            <bindingRedirect oldVersion="0.0.0.0-1.6.5135.21930" newVersion="1.6.5135.21930" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="Antlr3.Runtime" publicKeyToken="eb42632606e9261f" culture="neutral" />
            <bindingRedirect oldVersion="0.0.0.0-3.5.0.2" newVersion="3.5.0.2" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
            <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
            <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
            <bindingRedirect oldVersion="1.0.0.0-5.2.2.0" newVersion="5.2.2.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" culture="neutral" />
            <bindingRedirect oldVersion="0.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="Microsoft.Owin.Security" publicKeyToken="31bf3856ad364e35" culture="neutral" />
            <bindingRedirect oldVersion="0.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="Microsoft.Owin.Security.Cookies" publicKeyToken="31bf3856ad364e35" culture="neutral" />
            <bindingRedirect oldVersion="0.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="Microsoft.Owin.Security.OAuth" publicKeyToken="31bf3856ad364e35" culture="neutral" />
            <bindingRedirect oldVersion="0.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
          </dependentAssembly>
        </assemblyBinding>
      </runtime>
    </configuration>
Answer 1:
Try to remove the following lines from your Web.config:
    <modules>
      <remove name="FormsAuthentication" />
    </modules>
Answer 2:
Try this: move this method from the Account controller to the Admin controller:
    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult Login(LoginModel model, string returnUrl)
    {
        if (ModelState.IsValid)
        {
            if (model.Username == "User" && model.Password == "Pa$$W0rd")
            {
                FormsAuthentication.SetAuthCookie(model.Username, model.RememberMe);
                if (!string.IsNullOrWhiteSpace(returnUrl))
                {
                    return Redirect(returnUrl);
                }
                return RedirectToAction("Index", "Admin", new { area = "Admin"});
            }
            ModelState.AddModelError("", "Brukernavn og/eller passord er feil");
        }
        return View();
    }
And change the controller call in your View from:
    @using (Html.BeginForm("Login", "Account", FormMethod.Post, new { @class = "form-signin" }))
to:
    @using (Html.BeginForm("Login", "Admin", FormMethod.Post, new { @class = "form-signin" }))
Then change a line in the method you moved to the Admin Controller, from:
    return View();
to:
    return Redirect("Index");
See if it works and suits your needs.
Answer 3:
If I am correct, I can see that you set SetAuthCookie if the user provides correct credentials, but you haven't signed in yet. Because of that you are always redirected to the login page.
I think you have to sign in in order to see the admin section. Use your sign-in methods to sign in.
    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult Login(LoginModel model, string returnUrl)
    {
        if (ModelState.IsValid)
        {
            if (model.Username == "User" && model.Password == "Pa$$W0rd")
            {
                FormsAuthentication.SetAuthCookie(model.Username, model.RememberMe);
                //Sign in code should go here.
                if (!string.IsNullOrWhiteSpace(returnUrl))
                {
                    return Redirect(returnUrl);
                }
                return RedirectToAction("Index", "Admin", new { area = "Admin"});
            }
            ModelState.AddModelError("", "Brukernavn og/eller passord er feil");
        }
        return View();
    }
What is the authentication method you used in your application? Is it the ASP.NET Identity framework?
Hope this helps.
Answer 4:
    public static string securityIsnuul(string id)
    {
        agancyEntities db = new agancyEntities();
        if (id == null)
        {
            //// redirect to url??????
        }
    }
Answer 5:
I do not know if this is okay but for your problem I did as follows:
    case SignInStatus.Success:
        return RedirectToAction("RedirectLogin", new {ReturnUrl = returnUrl});

    public ActionResult RedirectLogin(string returnUrl)
    {
        return User.IsInRole("Reader") ? RedirectToAction("Index", "Employees") : RedirectToLocal(returnUrl);
    }
And if you do not want it to be "Home" or "Index" as default, change this:
    private ActionResult RedirectToLocal(string returnUrl)
    {
        if (Url.IsLocalUrl(returnUrl))
        {
            return Redirect(returnUrl);
        }
        return RedirectToAction("Dashboard", "User");
    }
Everything in your AccountController, hope it helps.
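
The Login action in the question and in answers 2 and 3 passes returnUrl straight to Redirect, while answer 5 guards it with Url.IsLocalUrl. The following is an added example, not code from any of the posts: a stand-alone console program that approximates that local-URL check and shows which ReturnUrl values a login action would follow and which fall back to a fixed route. The class and method names, the fallback route and the sample values are assumptions made for illustration, and the check is deliberately a little stricter than the framework's.

```csharp
using System;

// Added example: approximates the kind of check Url.IsLocalUrl performs.
// Assumption: simplified rules written for illustration, not the framework source.
public static class ReturnUrlCheck
{
    public static bool IsLocalReturnUrl(string url)
    {
        if (string.IsNullOrEmpty(url)) return false;

        // Control characters and backslashes can be normalised by browsers into
        // something other than the path that was validated, so reject them all.
        foreach (char c in url)
            if (char.IsControl(c) || c == '\\') return false;

        // "/Admin" is local; "//host/..." is protocol-relative and leaves the site.
        if (url[0] == '/')
            return url.Length == 1 || url[1] != '/';

        // "~/Admin" is an application-relative path.
        return url.Length > 1 && url[0] == '~' && url[1] == '/';
    }

    // Hypothetical helper: the target a Login action should redirect to.
    public static string ResolveTarget(string returnUrl, string fallback)
    {
        return IsLocalReturnUrl(returnUrl) ? returnUrl : fallback;
    }

    public static void Main()
    {
        // Assumed fallback route (area Admin, controller Admin, action Index).
        const string fallback = "/Admin/Admin/Index";

        // Constructed sample values for the ReturnUrl query-string parameter.
        string[] samples =
        {
            "/Admin", "~/Admin/Index", "", null,
            "//other.example/Admin", "/\\other.example",
            "http://other.example/Admin", "Admin"
        };

        foreach (string s in samples)
            Console.WriteLine("{0,-30} -> {1}",
                s ?? "(null)", ResolveTarget(s, fallback));
    }
}
```

Only the first two samples are followed as given; every other value resolves to the fallback route.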
Answer 6:
This line of your code
    return RedirectToAction("Index", "Admin", new { area = "Admin"});
might be throwing an exception. Try
- putting in a try/catch and see what the exception is.
- You are passing a value, but your Index method in Admin does not take any param. Check this.
Source: https://stackoverflow.com/questions/25804518/mvc-redirect-after-login