I have created an Admin website using Asp.Net Web Forms.
When I share a url of a page(not a home page) of my website with my friend, and when he enters it in his browser, it automatically redirects him to Login page.(Which is correct behavior).
When he enters his username and password it redirects to the home page and not the url I shared with him.
I tried using Request.UrlReferrer.PathAndQuery
on login.aspx.
It works only if user intentionally logged out of the system.
Basically, I want to share a link(url) by mail or something, user will open it, he will ask for login if he is not already logged in, once logged in the browser will show him the page from the url and not the home page.
The most common ways to implement redirection logic after login are: using HTTP Referer header. saving the original request in the session. appending original URL to the redirected login URL.
There are two approaches used to redirect the browser window back. Approach 1: Using history. back() Method: The back() method of the window. history object is used to go back to the previous page in the current session history.
You can apply this filter to the routes that need authentication. Route::filter('auth', function() { if (Auth::guest()) { return Redirect::guest('login'); } }); What this method basically does it's to store the page you were trying to visit and it is redirects you to the login page. return Redirect::intended();
In each page check if user logged in, if not then
if (Session["UserName"] == null && Session["UserId"] == null)
{
string OriginalUrl = HttpContext.Current.Request.RawUrl;
string LoginPageUrl = "/login";
HttpContext.Current.Response.Redirect(String.Format("{0}?ReturnUrl={1}", LoginPageUrl, OriginalUrl));
}
and in login page check if returnurl
there, If returnurl
exist redirect to that page.
if (this.Request.QueryString["ReturnUrl"] != null)
{
this.Response.Redirect(Request.QueryString["ReturnUrl"].ToString());
}
else
{
this.Response.Redirect("/account/default");
}
If you are using the Forms Authentication you can use the ReturnUrl
querystring in your login page:
var returnUrl = Request.QueryString["ReturnURL"];
if (string.IsNullOrEmpty(returnUrl)){
returnUrl = "~/";
}
Response.Redirect(returnUrl);
If you are not using it you should behave as it does: When you redirect the user to the login page add a querystring with the referrer page.
//**Remember to url encode it!**
var returnUrl = Server.UrlEncode(Request.Url.PathAndQuery);
Response.Redirect("~/login.aspx?ReturnURL=" + returnUrl);
As an alternative, you can use cookies. I prefer this method because it results in a more clean address bar and look more elegant. Also the process is transparent to the user. This should also prevent some malicious users from using your login page to redirect to unwanted websites.
In the code where you redirect to the login page:
Response.Cookies.Add(new HttpCookie("returnUrl", Request.Url.PathAndQuery));
Response.Redirect("login.aspx");
In your login page:
HttpCookie returnCookie = Request.Cookies["returnUrl"];
if((returnCookie == null) || string.IsNullOrEmpty(returnCookie.Value))
{
Response.Redirect("Default.aspx");
}
else
{
HttpCookie deleteCookie = new HttpCookie("returnUrl");
deleteCookie.Expires = DateTime.Now.AddDays(-1);
Response.Cookies.Add(deleteCookie);
Response.Redirect(returnCookie.Value);
}
This
Note: You should run some validation on the return URL if you have security concerns.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With