I have an AccountController where users can login, and an area named Admin where users have to been autorized to see. When users log in with correct username and pw, it redirects to the same page again (../Account/Login?ReturnUrl=%2FAdmin
)
AccountController
public class AccountController : Controller
{
[AllowAnonymous]
public ActionResult Login()
{
return View();
}
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid)
{
if (model.Username == "User" && model.Password == "Pa$$W0rd")
{
FormsAuthentication.SetAuthCookie(model.Username, model.RememberMe);
if (!string.IsNullOrWhiteSpace(returnUrl))
{
return Redirect(returnUrl);
}
return RedirectToAction("Index", "Admin", new { area = "Admin"});
}
ModelState.AddModelError("", "Brukernavn og/eller passord er feil");
}
return View();
}
}
AdminController in area Admin
[Authorize]
public class AdminController : HimmelhoytControllerBase
{
public ActionResult Index()
{
return View();
}
}
View Login
@model Himmelhoyt.Models.AccountModels.LoginModel
@{
ViewBag.Title = "Logg inn";
}
@using (Html.BeginForm("Login", "Account", FormMethod.Post, new { @class = "form-signin" }))
{
< text>
@Html.AntiForgeryToken()
@Html.LabelFor(m => m.Username, new { @class = "sr-only" }) @Html.EditorFor(m => m.Username, new { htmlAttributes = new { @class = "form-control", placeholder = "Brukernavn", autofocus = "autofocus" } })
@Html.ValidationMessageFor(m => m.Username, "", new { @class = "bg-danger validationMessage" })
@Html.LabelFor(m => m.Password, new { @class = "sr-only" }) @Html.EditorFor(m => m.Password, new { htmlAttributes = new { @class = "form-control", placeholder = "Passord", type = "password" } })
@Html.ValidationMessageFor(m => m.Password, "", new { @class = "bg-danger validationMessage" })
<br/>
@Html.EditorFor(x => x.RememberMe@*, new { htmlAttributes = new { @class = "checkbox" } }*@) @Html.LabelFor(m => m.RememberMe)
@Html.ValidationMessageFor(m => m.RememberMe)
<br />
@Html.Submit("Logg på", new { @class = "btn btn-lg btn-primary btn-block" })
@Html.ValidationSummary(true)
</text>
}
In the Account-controller, return RedirectToAction("Index", "Admin", new { area = "Admin" });
is executed, but as I said, it only redirects to the same page.
EDITED Web.config
<configuration>
<configSections>
<!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
</configSections>
<connectionStrings>
<add name="DefaultConnection" connectionString="Data Source=(LocalDb)\v11.0;AttachDbFilename=|DataDirectory|\aspnet-Himmelhoyt-20140831071527.mdf;Initial Catalog=aspnet-Himmelhoyt-20140831071527;Integrated Security=True" providerName="System.Data.SqlClient" />
<add name="HimmelhoytDb" connectionString="data source=(localdb)\v11.0;initial catalog=Himmelhoyt;integrated security=True;MultipleActiveResultSets=True;App=EntityFramework" providerName="System.Data.SqlClient" />
</connectionStrings>
<appSettings>
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
</appSettings>
<system.web>
<!--<authentication mode="None" />-->
<authentication mode="Forms">
<forms loginUrl="/Account/Login" />
</authentication>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
<system.webServer>
<modules>
<remove name="FormsAuthentication" />
</modules>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="Newtonsoft.Json" culture="neutral" publicKeyToken="30ad4fe6b2a6aeed" />
<bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Optimization" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="1.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="0.0.0.0-1.6.5135.21930" newVersion="1.6.5135.21930" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Antlr3.Runtime" publicKeyToken="eb42632606e9261f" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.5.0.2" newVersion="3.5.0.2" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-5.2.2.0" newVersion="5.2.2.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Owin.Security" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Owin.Security.Cookies" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Owin.Security.OAuth" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
</configuration>
Try to remove the following lines from your Web.config
<modules>
<remove name="FormsAuthentication" />
</modules>
Try this:
move this method from the Account
controller to the Admin
controller:
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid)
{
if (model.Username == "User" && model.Password == "Pa$$W0rd")
{
FormsAuthentication.SetAuthCookie(model.Username, model.RememberMe);
if (!string.IsNullOrWhiteSpace(returnUrl))
{
return Redirect(returnUrl);
}
return RedirectToAction("Index", "Admin", new { area = "Admin"});
}
ModelState.AddModelError("", "Brukernavn og/eller passord er feil");
}
return View();
}
And change the controller call in your View from:
@using (Html.BeginForm("Login", "Account", FormMethod.Post, new { @class = "form-signin" }))
to:
@using (Html.BeginForm("Login", "Admin", FormMethod.Post, new { @class = "form-signin" }))
Then change a line in the method you moved to the Admin Controller, from:
return View();
to:
return Redirect("Index");
See if it works and suits your needs
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With