Mvc returnurl is always null after logging back in from session reset

Question

0.00/5 (No votes)

See more:

I'm working on an MVC app that has login authentication and times out after a while of being logging in. So I want to be able to log in and go back to the page I was rather than going to a static home page.

Every time I get kicked out, I do get a "Account/Login?ReturnUrl = ... " on my browser, but my debugger inside Login ActionResult post method always says my returnUrl is null. I tired the following method, before this I triedo other methods too but none have worked. So I'm really stuck please help:

What I have tried:

"AccountController.cs" :

public sealed class AccountController : BaseController
    {
        //Login prompt
        // GET: /Account/Login
        [AllowAnonymous]
        public ActionResult Login() {

            return View();

        }

        //Login processing(authentication)
        // POST: /Account/Login
        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        
        public ActionResult Login( LoginViewModel model, string returnUrl) {
            if ( ModelState.IsValid ) {
                var authenticated = AuthenticationProvider.Authenticate( model.UserName, model.Password, HttpContext );
                
                if( authenticated ) {
                    if (Url.IsLocalUrl(returnUrl))
                    {
                        ViewBag.ReturnUrl = returnUrl;
                        return Redirect(returnUrl);
                    }
                  
                }

                ModelState.AddModelError( "", "Invalid username or password." );
            }

            return View( model );
        }

"Loging.cshtml" form:

@using (Html.BeginForm("Login", "Account", FormMethod.Post, new { ReturnUrl = Request.QueryString["ReturnUrl"] }))
    { ....

"web.config":

<modules>
     <remove name="FormsAuthentication" />
     <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />
   </modules>

Posted 1-Mar-19 6:45am

Member 14168150

Updated 1-Mar-19 7:11am

Add a Solution

Comments

MadMyche 1-Mar-19 12:50pm

How long is "after a while of being logging in"? Are you going through the site or staring at a page for that time?

Andre Oosthuizen 13-Apr-24 13:21pm

It all depends on what value you return for your 'ReturnUrl', check there to see why your are re-directed to the incorrect page as it is most probably set to the current returned page...

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

F-ES Sitecore · Answer 1 · 2019-03-01T07:12:00

You're going nothing with the ReturnUrl param in the HttpGet. In order for that to be available in the HttpPost you'll need to store it in the form.

Amend the LoginViewModel class to add a ReturnUrl property

public string ReturnUrl { get; set; }

Capture the url in the HttpGet method and ensure it is included in the form

public ActionResult Login(string returnUrl)
{
    LoginViewModel model = new LoginViewModel();
    model.ReturnUrl = returnUrl;

    return View(model);
}

[HttpPost]
public ActionResult Login(LoginViewModel model)
{
    return View(model);
}

@model LoginViewModel

@using (Html.BeginForm())
{
    @Html.HiddenFor(m => m.ReturnUrl)

    // rest of form

    <input type="submit" value="Login"/>
}