4

I'm migrating an old ASP.NET Web Forms app to ASP.NET MVC 4. I'm not very familiar with ASP.NET MVC, so I apologize if this is a dumb question. In short, my ASP.NET Web Forms app used the following line of code to redirect the user when the logged in:

FormsAuthentication.RedirectFromLoginPage(username, true);

I assumed I could just copy and paste this code over. However, I noticed that it attempt to redirect the user to "default.aspx". What is the MVC equivalent of this call?

Thank you!

Improve this question
4
  • I'm not familiar with that particular method RedirectFromLoginPage. Have you considered using a new RedirectResult("/my_front_page");? Commented Jan 29, 2013 at 13:38
  • I assume it takes in to account returnUrl? You can use if (!String.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl)) { return Redirect(returnUrl); } return RedirectToRoute("Index"); or something similar. Commented Jan 29, 2013 at 13:42
  • @Oliver RedirectFromLoginPage drops an authentication cookie and then redirects the person to the location specified in ReturnUrl parameter of the query string, otherwise to the defaultUrl. Commented Jan 29, 2013 at 15:08
  • @MikeSmithDev I see, that seems like some strange compound functionality Commented Jan 29, 2013 at 15:18

4 Answers 4

Reset to default
3

Forms authentication usually provides a returnUrl as a query string parameter (which is what I assume FormsAuthentication.RedirectFromloginPage(username, true) is using.) With that said, add a parameter to your login action that receives in the returnUrl, then use that in your login action.

[HttpPost]
public ActionResult Login(LoginViewModel model, String returnUrl)
{
    if (ModelState.IsValid)
    {
        // perform login
        if (YourFormsAuthentication.YourLoginMethod(mode.username, model.password))
        {
            //
            // Set auth cookie, log user in, etc.
            //

            // Now check for returnUrl and make sure it's present and
            // valid (not redirecting off-site)
            if (!String.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }
            // no returnUrl provided, direct them to default landing page
            return RedirectToRoute("Home");
        }
        else
        {
            ModelState.AddError("", "Username or password are incorrect.");
        }
    }
    return View(model);
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

On your logon method in the controller add a parameter string returnUrl.

then check if it is empty or null. If not redirect.

[HttpPost]
public ActionResult LogOn(LogOnModel model, string returnUrl)
{
       // Do your login
    // if success
                if (!String.IsNullOrEmpty(returnUrl))
                {
                    return Redirect(returnUrl);
                }
}

In your view also pass the returnUrl (which will be Request.Url)

<%: Html.ActionLink("Log On", "LogOn", "ControllerName", new { returnUrl = Request.Url }, null)%>
Improve this answer

Comments

0

You have complete sample here : http://www.c-sharpcorner.com/UploadFile/cd3310/using-mvc-Asp-Net-tools-create-simple-login-form/

View with controller with specific action

    [AcceptVerbs(HttpVerbs.Post)]
    public ActionResult Login(YourModel model)
    {
        if (!ModelState.IsValid)
        {
            return View("Login", model);
        }

        return RedirectToAction("Index");
    }
Improve this answer

Comments

0

In MVC 4 if you create a new application and select the option for Internet application the template will wire everything for forms authentication and will set you up to use the SimpleMembership provider, which makes it easier to customize user profiles and adds support to easily plugin OAuth. You should have the following entry in your web.config.

<authentication mode="Forms">
  <forms loginUrl="~/Account/Login" timeout="2880" />
</authentication>

This tells the application to redirect to the loginUrl if the user is not authenticated or authorized. Then you just use the AuthorizeAttribute on either your controllers or actions. You can add roles to this attribute if you want to use roles-based authorization or just use it without roles. Here I added an AuthorizeAttribute to the Contact action for the HomeController.

    [Authorize(Roles="Admin")] 
    public ActionResult Contact()
    {
        ViewBag.Message = "Your contact page.";

        return View();
    }

This action is on the default HomeController that is created by the MVC 4 Internet template. The user experience will be that if they click on the Contacts tab on the home page and they are not logged in they will be redirected to the logon page. Once they successfully logon they will be redirected back to the Contacts page. So MVC 4 Internet applications have it all wired up for you and you do not have to explicitly handle the redirects. For more information on customizing the SimpleMembership provider you can read this blog.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.