ReturnUrl
is kind of ugly. I'd like to use redirect
instead. How can I specify the name of the parameter that should be used for forms authentication redirect URLs in conjunction with the [Authorize]
attribute? Or do I have to create an IAuthorizationFilter implementation? :(
Example:
[Authorize]
public class Tools : Controller
{
public ActionResult Index()
{
return View();
}
}
When a user who is not logged in visits http://example.com/tools, I'd like them to be redirected to http://example.com/account/logon?redirect=%2ftools
, instead of the default http://example.com/Account/LogOn?ReturnUrl=%2ftools
For the /account/logon part, I can modify my routes in Global.asax and change
<authentication mode="Forms">
<forms loginUrl="~/account/logon" timeout="2880" />
</authentication>
in web.config. But I don't know how to change the ReturnUrl parameter.
The Forms Authentication makes use of ReturnUrl parameter to redirect user to the requested page after Login in ASP.Net MVC.
A return URL redirects users back to the originating page during a checkout flow. For most integrations, using your application ID + ://paypalpay is the simplest and best returnUrl to use as part of the CheckoutConfig .
The question and answers here seems to relate to the old form authentications stuff. On newer versions of MVC, e.g. MVC 5 (with Identity 2.0), you would do something like this in the Startup.Auth.cs
:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/account/login"),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
},
ReturnUrlParameter = "redirect"
});
The important part is of course ReturnUrlParameter = "redirect"
(can be anything). The rest might be different for your project.
Add this key to the appSettings section of your web.config
<add key="aspnet:FormsAuthReturnUrlVar" value="redirect" />
Not the BEST solution around, but it works...
<rule name="FormsAuthentication" stopProcessing="true">
<match url="^account/log(i|o)n$" />
<conditions>
<add input="{QUERY_STRING}" pattern="^ReturnUrl=([^=&]+)$" />
</conditions>
<action type="Redirect" url="account/logon?redirect={C:1}" appendQueryString="false" />
</rule>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With