Search code examples
c#jqueryasp.netasp.net-mvc-5asp.net-boilerplate

ASP.NET Boilerplate - Authorization not working

I'm using the ASP.NET Boilerplate framework to create an application with authorization but having trouble making it work.

The ajax method is calling the Login method and retrieving the correct data performing the success function and confirming: "Logged in!". (Only when the log-in information is correct, els it gives error).

I expected that the 'AuthenticationManager.SignIn' would take care of all the Login functionality (seems to be the case in the module-zero). But after logging in and going to a controller with [AbpMvcAuthorize] applied, I end up on a page informing me that I do not have permission to open the page.

Javascript:

(function () {
    $('#LoginButton').click(function (e) {
        e.preventDefault();
        abp.ui.setBusy(
            $('#LoginArea'),
            abp.ajax({
                url: abp.appPath + 'Account/Login',
                type: 'POST',
                    data: JSON.stringify({
                    usernameOrEmailAddress: $('#EmailAddressInput').val(),
                    password: $('#PasswordInput').val(),
                    rememberMe: $('#RememberMeInput').is(':checked')
                }),
                success: function (data) {
                    if (data != null) {
                        confirm(data);
                   }
                },
                error: function () {
                    confirm("Something went wrong. Try again later!");
                }
            })
        );
    });
})();

AccountController:

[HttpPost]
public async Task<JsonResult> Login(LoginViewModel loginModel, string returnUrl = "")
{
    try
    {
        if (!ModelState.IsValid)
        {
            throw new UserFriendlyException("Your form is invalid!");
        }

        var loginResult = await _userManager.LoginAsync(
            loginModel.UsernameOrEmailAddress,
            loginModel.Password,
            loginModel.TenancyName
        );

        switch (loginResult.Result)
        {
            case AbpLoginResultType.Success:
                break;
            case AbpLoginResultType.InvalidUserNameOrEmailAddress:
                ...
        }

        AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
        AuthenticationManager.SignIn(new AuthenticationProperties { 
            IsPersistent = loginModel.RememberMe }, loginResult.Identity);

        if (string.IsNullOrWhiteSpace(returnUrl))
        {
            returnUrl = Request.ApplicationPath;
        }
    }
    catch (UserFriendlyException ex)
    {
        return Json(ex.Message);
    }
    return Json("Logged in!");
}

Edit: After AuthenticationManager.Sign(..), I can see the logged in user information by loginResult.User. So I guess the login works but that something is wrong with [AbpMvcAuthorize]?

Solution

  • It's very strange. How did you created your solution? From the template (http://www.aspnetboilerplate.com/Templates)? Because, it works normally in the template (see HomeController of the template: https://github.com/aspnetboilerplate/module-zero-template/blob/master/src/AbpCompanyName.AbpProjectName.WebSpaAngular/Controllers/HomeController.cs) So, can you compare with it?