Asp.net MVC ReturnUrl value always null

1
votes

OK I'v researched and tried every single suggestion (individually of course) before posting this and I hit a wall every time

This is my log in view I used ViewBag to pass the ReturnUrl value as I've seen in many answers to this problem

   <h2>Login</h2>
@using (Html.BeginForm("Login", "Account", new { ReturnUrl = ViewBag.ReturnUrl }, FormMethod.Post, new { role = "form" }))
{
    @Html.AntiForgeryToken()


  ...............

And this is the login action result

   [HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Login(UserLogin login, string returnUrl="")
{
    string message = "";
    using (NerdsContext nc = new NerdsContext())
    {
        var v = nc.User.Where(a => a.email == login.email).FirstOrDefault();
        if (v != null)
        {
            if (!v.IsEmailVerified)
            {
                ViewBag.Message = "Please verify your email first";
                return View();
            }
            if (string.Compare(Crypto.Hash(login.password), v.password) == 0)
            {
                int timeout = login.rememberMe ? 525600 : 20; // 525600 min = 1 year
                var ticket = new FormsAuthenticationTicket(login.email, login.rememberMe, timeout);
                string encrypted = FormsAuthentication.Encrypt(ticket);
                var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted);
                cookie.Expires = DateTime.Now.AddMinutes(timeout);
                cookie.HttpOnly = true;
                Response.Cookies.Add(cookie);

                //Redirect the user to new url
                if (Url.IsLocalUrl(returnUrl))
                {
                    ViewBag.ReturnUrl = returnUrl;
                    return Redirect(returnUrl);

                }
                else
                {
                    return RedirectToAction("Nerd", "Home");
                }
            }
            else
            {
                message = "Invalid credential provided";
            }
        }
        else
        {
            message = "Invalid credential provided";
        }
    }
    ViewBag.Message = message;
    return View();
}

And finally this is the lines I added in web.config file 

 <authentication mode="Forms">
      <forms cookieless="UseCookies"  loginUrl="/Account/Login"  timeout="30" slidingExpiration="true" protection="All"></forms>
    </authentication>

And when I run this I never get to actually login it always send me back to the login page and the value of the returnUrl is always null So what is going on here????

1
asp.netauthenticationmodel-view-controllerloginreturnurl
Could you include Login GET method (your current example only has POST method)? ViewBag.ReturnUrl value exists if the GET action method result assigns the URL, otherwise it's null as ViewBag default value. Consider to use ViewBag.ReturnUrl = Request.QueryString["ReturnUrl"] if you're sure the returned URL given from query string. - Tetsuya Yamamoto
Yes I have the GET action method public ActionResult Login(string ReturnUrl) { ViewBag.ReturnUrl = ReturnUrl; return View(); } I'll try this out but do I have to change anything in the view? - salRad
It didn't work :( any other ideas? I feel lost here it's been couple of days and still didn't find any solution to this frustrated problem - salRad
Why not adding return URL property in UserLogin viewmodel class & pass returned URL by HiddenFor? When UserLogin submitted using POST, it automatically passes returned URL value and you can assign it with ViewBag.ReturnUrl = login.returnUrl. - Tetsuya Yamamoto
OK there is a progress now the return Url has a value but still my user is redirected to the login page as if he didn't grant authentication...I think part of the problem is the lack of full understanding on my behalf, I post this in another forum and someone pointed out that I don't have a code for user actually logging in do you have any other ideas? Thanks - salRad

1 Answers

1
votes

OK after much search I found my answer here [Request.IsAuthenticated is always false ]

I had to add these line in my web.config's modules inside system.WebServer 

<remove name="FormsAuthentication" />
      <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />