Tags: c#, .net, url, encryption, razor

How to hide the sensitive information like email in the URL using C#


Currently my URL has the email displayed in it. The recommendation is to use HTTPS for communication, and the email needs to be displayed in the body and not in the URL. Can someone please help me fix this? Below is my code:

    // URL BUILDER CODE
    [AllowAnonymous]
    [HttpGet]
    public ActionResult Authorize(string code, string state = null)
    {
        LoginResult loginResult = this.authenticationService.LogUserInToCommonAuthentication(code);

        this.CreateSessionForUser(loginResult);

        string uri = "/";
        if (loginResult.Success)
        {
            this.Response.Cookies.Add(loginResult.AuthCookie);
        }
        else
        {
            this.logger.Warn($"Authorize -  The user {loginResult.Email} has not been authorized - ErrorCode={loginResult.Error}");
            uri += string.Format(CultureInfo.InvariantCulture, "?User={0}&Code={1}", loginResult.Email, loginResult.Error);
            return this.Redirect(uri);
        }

        long unixUtcTimestamp = (long)(DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0)).TotalSeconds;
        return this.Redirect(uri + "?d=" + unixUtcTimestamp);
    }

Below is my index.cshtml

    //TO DISPLAY IN THE BODY
    @if (Request.QueryString["Code"] == "401" || Request.QueryString["Code"] == "500")
    {
        <li style="color: white; font-size: 16px; text-align: left; padding: 20px; line-height: 150%">
            Dear User,<br>
            &nbsp;&nbsp;&nbsp; @(Request.QueryString["User"]). This email does not seem to be authorized to use the application.
        </li>
    }

Please help me to fix this. Please comment if more information is needed. Thanks in advance :)


Solution

  • I made use of Session here and it worked in my case. Please find an example below:

    // Add this in the controller
    Session["Email"] = loginResult.Email;
    

    And call the Session in the .html file.
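
The Session approach from the answer, carried through the controller and the page that shows the message, so the redirect URL holds neither the email nor the error code. This is an added example, not code from the original post; it assumes ASP.NET MVC 5, that `/` is served by an `Index` action on the same controller, and the class name `AccountController` and the two session key names are hypothetical.

```csharp
using System;
using System.Globalization;
using System.Web.Mvc;

// "partial": authenticationService, logger, CreateSessionForUser and LoginResult
// are the asker's own members, assumed to be defined elsewhere in the project.
public partial class AccountController : Controller
{
    private const string DeniedEmailKey = "DeniedEmail"; // hypothetical key name
    private const string DeniedCodeKey = "DeniedCode";   // hypothetical key name

    [AllowAnonymous]
    [HttpGet]
    public ActionResult Authorize(string code, string state = null)
    {
        LoginResult loginResult = this.authenticationService.LogUserInToCommonAuthentication(code);
        this.CreateSessionForUser(loginResult);

        if (!loginResult.Success)
        {
            this.logger.Warn($"Authorize - The user {loginResult.Email} has not been authorized - ErrorCode={loginResult.Error}");
            // Keep both values server-side; the browser only ever sees "/".
            this.Session[DeniedEmailKey] = loginResult.Email;
            this.Session[DeniedCodeKey] = Convert.ToString(loginResult.Error, CultureInfo.InvariantCulture);
            return this.Redirect("/");
        }

        this.Response.Cookies.Add(loginResult.AuthCookie);
        long unixUtcTimestamp = (long)(DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0)).TotalSeconds;
        return this.Redirect("/?d=" + unixUtcTimestamp);
    }

    [AllowAnonymous]
    [HttpGet]
    public ActionResult Index()
    {
        // Read once, then clear, so a later page load does not show a stale message.
        this.ViewBag.DeniedEmail = this.Session[DeniedEmailKey] as string;
        this.ViewBag.DeniedCode = this.Session[DeniedCodeKey] as string;
        this.Session.Remove(DeniedEmailKey);
        this.Session.Remove(DeniedCodeKey);
        return this.View();
    }
}

// index.cshtml then tests the view data instead of Request.QueryString:
//   @if (ViewBag.DeniedCode == "401" || ViewBag.DeniedCode == "500")
//   { ... @ViewBag.DeniedEmail ... }
```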