Logging registered users

Jun 20 2017 6:12 PM

Hello,

I wonder if anyone is familiar with this article:

http://www.c-sharpcorner.com/article/asp-net-core-mvc-authentication-and-role-based-authorization-with-asp-net-core/

I'm almost done with it but I have a problem when my registered users logs in.

Whenever a user logs in, it always redirects it to the access denied page. Here is the Account Controller methods:

[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
ViewData["ReturnUrl"] = returnUrl;
if (ModelState.IsValid)
{
var result = await signInManager.PasswordSignInAsync(model.UserName, model.Password,
model.RememberMe, lockoutOnFailure: false);
if (result.Succeeded)
{
return RedirectToLocal(returnUrl);
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return View(model);
}
}
return View(model);
}
private IActionResult RedirectToLocal(string returnUrl)
{
if (Url.IsLocalUrl(returnUrl))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction(nameof(HomeController.Index), "Home");
}
}
public IActionResult AccessDenied()
{
return View();
}

Anytime I debug the application, and when I log in with a user, It goes to the Access Denied view.

According to the article:

Now, run the Application and login with the valid credentials. Its authentication is successful. This authenticates the user, who doesn’t have ‘User’ roles due to which it’s not authorized to access Index method of HomeController and is being redirected on access denied

But actually, I don't see anywhere a logic where the application validates if the user has a role or not, so maybe that is the reason.

Notice in this picture that altough the user is logged, and has a role, it goes to Access Denied:

Is the article wrong? Any advice is appreciated. Thanks.

Answers (3)

JavaScript runtime error

Inline code in MVC view