sparta93 sparta93 - 1 month ago 7
ASP.NET (C#) Question

Return Url not being passed in MVC login form

I have a website where I'm adding authentication right now following this tutorial (http://benfoster.io/blog/aspnet-identity-stripped-bare-mvc-part-1) using ASP.NET Identity, Owin, etc... Currently instead of using html helpers and using the snippet below for the view, I have created my own custom form, but for some reason I don't think I'm passing the return url correctly because of which I get a 404 error. Can anyone please help me out? I'm a beginner in .NET MVC. Thanks in advance.

@Html.ValidationSummary(true)

@using (Html.BeginForm())
{
@Html.EditorForModel()
<p>
<button type="submit">Log In</button>
</p>
}


Model

public class LogInModel
{
[Required]
[DataType(DataType.EmailAddress)]
public string Email { get; set; }

[Required]
[DataType(DataType.Password)]
public string Password { get; set; }

[HiddenInput]
public string ReturnUrl { get; set; }
}


Controller

[AllowAnonymous]
public class AuthController : Controller
{
// GET: Auth
[HttpGet]
public ActionResult LogIn(string returnUrl)
{
var model = new LogInModel
{
ReturnUrl = returnUrl
};

return View(model);
}

[HttpPost]
public ActionResult LogIn(LogInModel model)
{
if (!ModelState.IsValid)
{
return View();
}

// Don't do this in production!
if (model.Email == "admin@admin.com" && model.Password == "#G16#")
{
var identity = new ClaimsIdentity(new[] {
new Claim(ClaimTypes.Name, "Admin"),
new Claim(ClaimTypes.Email, "Admin@Admin.com"),
new Claim(ClaimTypes.Country, "USA")
},
"ApplicationCookie");

var ctx = Request.GetOwinContext();
var authManager = ctx.Authentication;

authManager.SignIn(identity);

return Redirect(GetRedirectUrl(model.ReturnUrl));
}

// user authN failed
ModelState.AddModelError("", "Invalid email or password");
return View();
}

private string GetRedirectUrl(string returnUrl)
{
if (string.IsNullOrEmpty(returnUrl) || !Url.IsLocalUrl(returnUrl))
{
return Url.Action("index", "home");
}

return returnUrl;
}

public ActionResult LogOut()
{
var ctx = Request.GetOwinContext();
var authManager = ctx.Authentication;

authManager.SignOut("ApplicationCookie");
return RedirectToAction("index", "home");
}
}


View

<div class="col-md-4" style="margin-top:200px;">
@using (Html.BeginForm("LogInModel", "LogIn", FormMethod.Post, new { @class="form-horizontal" }))
{
<div class="form-group">
<label class="label label-default">Email Address</label>
<div class="form-control">
@Html.TextBoxFor(m => m.Email, new { @class = "form-control"})
</div>
</div>

<div class="form-group">
<label class="label label-default">Password</label>
<div class="form-control">
@Html.TextBoxFor(m => m.Password, new { @class = "form-control" })
</div>
</div>

@Html.HiddenFor(m => m.ReturnUrl)

<button class="btn btn-default" type="submit">Log In</button>
}
</div>

Answer

You are not using Html.BeginForm correctly.

Instead of:

Html.BeginForm("LogInModel", "LogIn", FormMethod.Post, new {})

It should be:

Html.BeginForm("LogIn", "Auth", FormMethod.Post, new {})

Correct usage:

Html.BeginForm("actionName", "controllerName", FormMethod.Post, new {})
Comments