I'm trying to read the ReturnUrl querystring value after a redirect to the login page (due to the [Authorize] attribute).
This is the url shown after the redirect: https://localhost:5001/Identity/Login?ReturnUrl=%2FTeam%2FRead%2FOnGet (it seems correct to me).
I have set a property this way:
[BindProperty]
public string ReturnUrl { get; set; }
After posting the login form, as far as I have understood how Model Binding works, I expect the property to be set to "/Team/Read/OnGet". Unfortunately, it is always null.
Looking deeply into the problem in debug mode, it seems that the querystring property in the request is not the same as the one in the url.
In fact, the only value in the Request.Querystring property is ?handler=login, while Request.RouteValues dictionary has only one key: "/Identity/Login".
If it can be of any help, this is my Startup.cs configuration:
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("FootballDb")));
services.AddDefaultIdentity<IdentityUser>(options => options.SignIn.RequireConfirmedAccount = true)
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddLogging();
services.AddTransient<IDataProvider, SqlDataProvider>();
services.AddRazorPages().AddRazorRuntimeCompilation();
//services.AddRazorPages().AddRazorRuntimeCompilation().AddRazorPagesOptions(options => options.Conventions.AddPageRoute("/Index/OnGet", ""));
services.AddAuthentication()
.AddGoogle(options =>
{
IConfigurationSection googleAuthNSection =
Configuration.GetSection("Authentication:Google");
options.ClientId = "172755709400-lhipoag0fkvlk56jsuv9rh00bfs5s7aa.apps.googleusercontent.com";
options.ClientSecret = "HD_1jnsoycIFV2-Xf-iqYyDu";
})
.AddFacebook(options =>
{
IConfigurationSection googleAuthNSection =
Configuration.GetSection("Authentication:Facebook");
options.AppId = "blabla";
options.AppSecret = "blabla";
});
services.Configure<IdentityOptions>(options =>
{
// Password settings.
options.Password.RequireDigit = true;
options.Password.RequireLowercase = true;
options.Password.RequireNonAlphanumeric = true;
options.Password.RequireUppercase = true;
options.Password.RequiredLength = 6;
options.Password.RequiredUniqueChars = 1;
// Lockout settings.
options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(5);
options.Lockout.MaxFailedAccessAttempts = 5;
options.Lockout.AllowedForNewUsers = true;
// User settings.
options.User.AllowedUserNameCharacters =
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-._@+";
options.User.RequireUniqueEmail = false;
options.SignIn.RequireConfirmedEmail = false;
});
services.ConfigureApplicationCookie(options =>
{
// Cookie settings
options.Cookie.HttpOnly = true;
options.ExpireTimeSpan = TimeSpan.FromMinutes(5);
options.LoginPath = "/Identity/Login";
//options.AccessDeniedPath = "/Identity/Login";
options.SlidingExpiration = true;
});
}
I've also tried to comment the two lines
options.LoginPath = "/Identity/Login";
options.AccessDeniedPath = "/Identity/Login";
with no luck.
You pretty much have the answer, the only thing you forgot is that the BindProperty needs to work on the Get aspect of the request. Change your ReturnUrl to the following for it to work:
[BindProperty(Name = "ReturnUrl", SupportsGet = true)]
public string ReturnUrl { get; set; }