Search code examples
asp.netmodel-view-controllerauthenticationreturnurl

Asp.net MVC ReturnUrl value always null


OK I'v researched and tried every single suggestion (individually of course) before posting this and I hit a wall every time

This is my log in view I used ViewBag to pass the ReturnUrl value as I've seen in many answers to this problem

   <h2>Login</h2>
@using (Html.BeginForm("Login", "Account", new { ReturnUrl = ViewBag.ReturnUrl }, FormMethod.Post, new { role = "form" }))
{
    @Html.AntiForgeryToken()


  ...............

And this is the login action result

   [HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Login(UserLogin login, string returnUrl="")
{
    string message = "";
    using (NerdsContext nc = new NerdsContext())
    {
        var v = nc.User.Where(a => a.email == login.email).FirstOrDefault();
        if (v != null)
        {
            if (!v.IsEmailVerified)
            {
                ViewBag.Message = "Please verify your email first";
                return View();
            }
            if (string.Compare(Crypto.Hash(login.password), v.password) == 0)
            {
                int timeout = login.rememberMe ? 525600 : 20; // 525600 min = 1 year
                var ticket = new FormsAuthenticationTicket(login.email, login.rememberMe, timeout);
                string encrypted = FormsAuthentication.Encrypt(ticket);
                var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted);
                cookie.Expires = DateTime.Now.AddMinutes(timeout);
                cookie.HttpOnly = true;
                Response.Cookies.Add(cookie);

                //Redirect the user to new url
                if (Url.IsLocalUrl(returnUrl))
                {
                    ViewBag.ReturnUrl = returnUrl;
                    return Redirect(returnUrl);

                }
                else
                {
                    return RedirectToAction("Nerd", "Home");
                }
            }
            else
            {
                message = "Invalid credential provided";
            }
        }
        else
        {
            message = "Invalid credential provided";
        }
    }
    ViewBag.Message = message;
    return View();
}

And finally this is the lines I added in web.config file

 <authentication mode="Forms">
      <forms cookieless="UseCookies"  loginUrl="/Account/Login"  timeout="30" slidingExpiration="true" protection="All"></forms>
    </authentication>

And when I run this I never get to actually login it always send me back to the login page and the value of the returnUrl is always null So what is going on here????


Solution

  • OK after much search I found my answer here [Request.IsAuthenticated is always false ]

    I had to add these line in my web.config's modules inside system.WebServer

    <remove name="FormsAuthentication" />
          <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />