Asp.net MVC returnurl value always null

Question

0.00/5 (No votes)

See more:

OK I'v researched and tried every single suggestion (individually of course) before posting this and I hit a wall every time

This is my log in view I used ViewBag to pass the ReturnUrl value as I've seen in many answers to this problem

HTML

<h2>Login</h2>
    @using (Html.BeginForm("Login", "Account", new { ReturnUrl = ViewBag.ReturnUrl }, FormMethod.Post, new { role = "form" }))
    {
        @Html.AntiForgeryToken()
  

      ...............

And this is the login action result

C#

[HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult Login(UserLogin login, string returnUrl="")
    {
        string message = "";
        using (NerdsContext nc = new NerdsContext())
        {
            var v = nc.User.Where(a => a.email == login.email).FirstOrDefault();
            if (v != null)
            {
                if (!v.IsEmailVerified)
                {
                    ViewBag.Message = "Please verify your email first";
                    return View();
                }
                if (string.Compare(Crypto.Hash(login.password), v.password) == 0)
                {
                    int timeout = login.rememberMe ? 525600 : 20; // 525600 min = 1 year
                    var ticket = new FormsAuthenticationTicket(login.email, login.rememberMe, timeout);
                    string encrypted = FormsAuthentication.Encrypt(ticket);
                    var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted);
                    cookie.Expires = DateTime.Now.AddMinutes(timeout);
                    cookie.HttpOnly = true;
                    Response.Cookies.Add(cookie);

                    //Redirect the user to new url
                    if (Url.IsLocalUrl(returnUrl))
                    {
                        ViewBag.ReturnUrl = returnUrl;
                        return Redirect(returnUrl);
                       
                    }
                    else
                    {
                        return RedirectToAction("Nerd", "Home");
                    }
                }
                else
                {
                    message = "Invalid credential provided";
                }
            }
            else
            {
                message = "Invalid credential provided";
            }
        }
        ViewBag.Message = message;
        return View();
    }

And finally this is the lines I added in web.config file

C#

<authentication mode="Forms">
          <forms cookieless="UseCookies"  loginUrl="/Account/Login"  timeout="30" slidingExpiration="true" protection="All"></forms>
        </authentication>

And when I run this I never get to actually login it always send me back to the login page and the value of the returnUrl is always null
So what is going on here????

What I have tried:

I've seen lots of posts about this issue and tried almost all of them but with no use..I'd appreciate any help here

Posted 8-Oct-17 14:40pm

RashaSalim

Updated 10-Jul-23 12:00pm

Add a Solution

2 solutions

Solution 1

I am not very sure about the solution, but i can offer you two options:

1) In your UserLogin class add a property called returnUrl. Then, in the html form puet a input of type hidden whit this value (in order to be included in the UserLogin). Obviously in the controller you will recibe only one parameter of type UserLogin and you can access the returnUrl from there.

2) Instead of call your parameters ReturnUrl (in your html code) and returnUrl (in the controller), call both with exactlly the same case (or both ReturnUrl or both returnUrl).

I hope this suggestions will help you.

Posted 8-Oct-17 20:22pm

Member 7870345

Comments

RashaSalim 9-Oct-17 5:34am

Thanks a lot for your reply I'll try this and let you know what happens

RashaSalim 9-Oct-17 6:24am

OK there is a progress now the return Url has a value but still my user is redirected to the login page as if he didn't grant authentication...I think part of the problem is the lack of full understanding on my behalf, I post this in another forum and someone pointed out that I don't have a code for user actually logging in
do you have any other ideas?
Thanks

Member 7870345 9-Oct-17 7:16am

I am sorry, but I dont understand what do you mean.
Reading the code there are several case:
a) is a invalid user then ViewBag.Message = "Invalid credential provided" and the Login view is showed again (with ViewBag.Message == "Invalid credential provided")
b) is a valid user and the email is not verified then ViewBag.Message = "Please verify your email first" and the Login view is showed again (with ViewBag.Message == "Please verify your email first")
c) is a valid user and then email is verified and the password is ok, then the cookie with the identification is set and
c.1) if the returnUrl is local then the user is redirected to returnUrl
c.2) if the returnUrl is not local then the user is redirected to RedirectToAction("Nerd", "Home");
d) is a valid user and then email is verified and the password is not ok, then ViewBag.Message = "Invalid credential provided" and the Login view is showed again (with ViewBag.Message == "Invalid credential provided").

Wich is the behavior that do you want? Wich are the diferences between your requeriments and the code?

RashaSalim 9-Oct-17 8:59am

I used the debugger and everything looks fine it is actually executing the if (Url.IsLocalUrl(ReturnUrl)) statement
and this is the url in the browser
http://localhost:49408/Account/Login?ReturnUrl=%2FHome%2FNerd

but it never goes to the (/Home/Nerd) it goes back to login page without any message displayed...so why do you think is that, why the user is not granting access to the page
this is the Nerd action method in Home Controller
[Authorize]
public ActionResult Nerd()
{
return View();
}

Member 7870345 10-Oct-17 3:04am

Please put a breakpoint in the sentence "if (Url.IsLocalUrl(ReturnUrl))" and another breakpoint "public ActionResult Nerd()".
Then execute the code, and watch what is the value of "ReturnUrl" (please tell in a message this value). Let the code continue executing and watch if the second breakpoint (in the public ActionResult Nerd()) is executed or not.

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

RashaSalim · Accepted Answer · 2017-10-11T06:04:00

OK after much search I found my answer here
authentication - Asp.net MVC ReturnUrl value always null - Stack Overflow[^]

I had to add these line in my web.config's modules inside system.WebServer

<remove name="FormsAuthentication" />
          <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />