Search code examples
asp.netasp.net-coreasp.net-identity

.NET Core: How to send to /Account/Login instead of /Identity/Account/Login

Project is in .NET Core 2.2 and uses Identity. When a user logs in and the session times out he is redirected to the login page by the attribute [Authorize] in the controller. Unfortunately the user is redirected to /Identity/Account/Login instead of /Account/Login and the design is different. I would need the redirect to be to /Account/Login. What am I missing?

I have the following in ConfigureServices:

    services.Configure<IdentityOptions>(options =>
    {
        // Password settings
        options.Password.RequireDigit = true;
        options.Password.RequiredLength = 8;
        options.Password.RequireNonAlphanumeric = false;
        options.Password.RequireUppercase = true;
        options.Password.RequireLowercase = false;
        options.Password.RequiredUniqueChars = 6;

        // Lockout settings
        options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(5);
        options.Lockout.MaxFailedAccessAttempts = 4;
        options.Lockout.AllowedForNewUsers = true;

        // User settings
        options.User.RequireUniqueEmail = true;
    });

    services.ConfigureApplicationCookie(options =>
    {
        // Cookie settings
        //options.Cookie.HttpOnly = true;
        options.Cookie.Expiration = TimeSpan.FromMinutes(20);
        options.LoginPath = "/Account/Login"; // If the LoginPath is not set here, ASP.NET Core will default to /Account/Login
        options.LogoutPath = "/Account/Logout"; // If the LogoutPath is not set here, ASP.NET Core will default to /Account/Logout
        options.AccessDeniedPath = "/Account/AccessDenied"; // If the AccessDeniedPath is not set here, ASP.NET Core will default to /Account/AccessDenied
        options.SlidingExpiration = true;
        options.ExpireTimeSpan = TimeSpan.FromMinutes(20);      // 20 minutes logged in session timeout
    });

I thought options.LoginPath was the way to go...

Solution

  • You need to use AddIdentity instead of AddDefaultIdentity if you would like to set by ConfigureApplicationCookie.

    services.AddIdentity<IdentityUser,IdentityRole>()
            //.AddDefaultUI(UIFramework.Bootstrap4)
            .AddEntityFrameworkStores<ApplicationDbContext>()
            .AddDefaultTokenProviders();

    Or you could just try to configure CookieAuthenticationOptions to achieve your requirement.

    services.AddIdentity<IdentityUser,IdentityRole>()
            .AddDefaultUI(UIFramework.Bootstrap4)
            .AddEntityFrameworkStores<ApplicationDbContext>()
            .AddDefaultTokenProviders();

services.PostConfigure<CookieAuthenticationOptions>(IdentityConstants.ApplicationScheme,
options =>
{

    options.Cookie.Expiration = TimeSpan.FromMinutes(20);
    options.LoginPath = "/Account/Login"; 
    options.LogoutPath = "/Account/Logout";
    options.AccessDeniedPath = "/Account/AccessDenied"; 
    options.SlidingExpiration = true;
    options.ExpireTimeSpan = TimeSpan.FromMinutes(20);  

});