Pedro Mendes

Pedro Mendes

  • NA
  • 4
  • 419

Asp MVC URL doesn't redirect to index after successful authentication

Apr 28 2021 1:55 PM

In my ASP MVC web application, when I try to authenticate using email and password to log in. The URL redirect doesn't allow me to pass to the main page after successful authentication.

 my routeconfig file:
 
 
  1.   public class RouteConfig  
  2. {  
  3.     public static void RegisterRoutes(RouteCollection routes)  
  4.     {  
  5.         routes.IgnoreRoute("{resource}.axd/{*pathInfo}");  
  6.   
  7.         routes.MapRoute(  
  8.             name: "DefaultEn",  
  9.             url: "en/{controller}/{action}/{id}",  
  10.             defaults: new { language = "en", controller = "data", action = "index", id = UrlParameter.Optional },  
  11.             constraints: new { controller = "data" },  
  12.             namespaces: new[] { "Portal.Controllers" }  
  13.         );  
  14.   
  15.         routes.MapRoute(  
  16.             name: "Default",  
  17.             url: "{controller}/{action}/{id}",  
  18.             defaults: new { controller = "Home", action = "Index", id = UrlParameter.Optional }  
  19.         );  
  20.     }  
  21. }  
 
and some of my login code: 
  1. [AllowAnonymous]  
  2.    public ActionResult Login(string returnUrl)  
  3.    {  
  4.        if (!string.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl) && returnUrl.Contains(nameof(windowsLogOff)))  
  5.        {  
  6.            return RedirectToAction(nameof(Login));  
  7.        }  
  8.   
  9.        if (User.Identity.IsAuthenticated)  
  10.        {  
  11.            return RedirectToAction(nameof(windowsLogOff), new { returnUrl = returnUrl });  
  12.        }  
  13.   
  14.        if (OwinAuthentication.AuthenticationTypes._ActiveAuthenticationsList.Count == 1 && Portal.Commons.Models.Configuration.ByPassAuthentication)  
  15.        {  
  16.            return RedirectToAction(nameof(ExternalLoginRedirect), new { returnUrl = returnUrl, provider = OwinAuthentication.AuthenticationTypes._ActiveAuthenticationsList[0].AuthenticationTypeDefault });  
  17.        }  
  18.   
  19.        return View();  
  20.    }  
  21.   
  22.    [HttpPost]  
  23.    [ValidateAntiForgeryToken]  
  24.    [AllowAnonymous]  
  25.    public ActionResult Login(LoginViewModel model)  
  26.    {  
  27.        if (ModelState.IsValid)  
  28.        {  
  29.            using (var db = new appDbContext())  
  30.            {  
  31.                var encodedPWD = Sha256(model.Password);  
  32.                var obj = db.Users.Where(a => a.Email.Equals(model.Email) && a.PasswordHash.Equals(encodedPWD)).FirstOrDefault();  
  33.                if (obj != null)  
  34.                {  
  35.                    Session["id"] = obj.Id.ToString();  
  36.                    Session["name"] = obj.name.ToString();  
  37.                    Session["email"] = obj.Email.ToString();  
  38.   
  39.                    return RedirectToAction("Manager""home");  
  40.                }  
  41.   
  42.                ModelState.AddModelError("""Email or Password is invalid!.");  
  43.            }  
  44.        }  
  45.        return View(model);  
  46.    }    
  47.   
  48.  public ActionResult Index()  
  49.        {  
  50.            if (User.Identity.GetRole() == Roles.Administrator)  
  51.            {  
  52.                return RedirectToAction(nameof(Administrator));  
  53.            }  
  54.            if (User.Identity.GetRole() == Roles.Manager)  
  55.            {  
  56.                return RedirectToAction(nameof(Manager));  
  57.            }  
  58.            return HttpNotFound();  
  59.        }  
  60.   
  61.        [OwinAuthorizeCustom(Roles.Administrator)]  
  62.        public ActionResult Administrator()  
  63.        {  
  64.            return View();  
  65.        }  
  66.   
  67.   
  68.        [OwinAuthorizeCustom(Roles.Manager)]  
  69.        public ActionResult Manager()  
  70.        {  
  71.            return View();  
  72.        }  
 
 
When I enter on login page the URL on localhost is something like this: http://localhost:3535/account/login?ReturnUrl=%2F
When I fill the login form with the correct credentials I got this: http://localhost:3535/account/login?ReturnUrl=%2Fhome%2Findex
Instead of: http://localhost:3535/account/index
About OwinAuthentication, using external login to authenticate such as Google and Microsoft, both works without any issue, I only got a problem on manual login.
 
Just cant figure it out where is the problem.