Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How can I change the name of the "ReturnUrl" parameter used by ASP.NET MVC?

ReturnUrl is kind of ugly. I'd like to use redirect instead. How can I specify the name of the parameter that should be used for forms authentication redirect URLs in conjunction with the [Authorize] attribute? Or do I have to create an IAuthorizationFilter implementation? :(

Example:

[Authorize]
public class Tools : Controller
{
    public ActionResult Index()
    {
        return View();
    }
}

When a user who is not logged in visits http://example.com/tools, I'd like them to be redirected to http://example.com/account/logon?redirect=%2ftools, instead of the default http://example.com/Account/LogOn?ReturnUrl=%2ftools

For the /account/logon part, I can modify my routes in Global.asax and change

<authentication mode="Forms">
  <forms loginUrl="~/account/logon" timeout="2880" />
</authentication>

in web.config. But I don't know how to change the ReturnUrl parameter.

like image 728
Jake Petroules Avatar asked Aug 07 '11 01:08

Jake Petroules


People also ask

What is MVC ReturnUrl?

The Forms Authentication makes use of ReturnUrl parameter to redirect user to the requested page after Login in ASP.Net MVC.

What is ReturnUrl?

A return URL redirects users back to the originating page during a checkout flow. For most integrations, using your application ID + ://paypalpay is the simplest and best returnUrl to use as part of the CheckoutConfig .


3 Answers

The question and answers here seems to relate to the old form authentications stuff. On newer versions of MVC, e.g. MVC 5 (with Identity 2.0), you would do something like this in the Startup.Auth.cs:

app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/account/login"),
            Provider = new CookieAuthenticationProvider
            {
                // Enables the application to validate the security stamp when the user logs in.
                // This is a security feature which is used when you change a password or add an external login to your account.  
                OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
                    validateInterval: TimeSpan.FromMinutes(30),
                    regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
            },
            ReturnUrlParameter = "redirect"
        });

The important part is of course ReturnUrlParameter = "redirect" (can be anything). The rest might be different for your project.

like image 175
hug Avatar answered Oct 06 '22 02:10

hug


Add this key to the appSettings section of your web.config

<add key="aspnet:FormsAuthReturnUrlVar" value="redirect" />
like image 38
Fabian Vilers Avatar answered Oct 06 '22 02:10

Fabian Vilers


Not the BEST solution around, but it works...

<rule name="FormsAuthentication" stopProcessing="true">
  <match url="^account/log(i|o)n$" />
  <conditions>
    <add input="{QUERY_STRING}" pattern="^ReturnUrl=([^=&amp;]+)$" />
  </conditions>
  <action type="Redirect" url="account/logon?redirect={C:1}" appendQueryString="false" />
</rule>
like image 32
Jake Petroules Avatar answered Oct 06 '22 01:10

Jake Petroules