Last post May 06, 2020 07:38 AM by YihuiSun
None
0 Points
10 Posts
May 01, 2020 02:20 PM|Salvodif|LINK
Hi,
I've a mvc5 application with a custom login. Nothing crazy I just get username and password from a MongoDB then I do my check.
[HttpPost] [ValidateAntiForgeryToken] public ActionResult Login ( LoginViewModel vm ) { try { if ( !ModelState.IsValid ) return View ( ); var db = new MongoDb ( ); var user = db.GetUser ( vm.Email.Trim ( ) ); if ( user == null ) return View ( "Home" ); string oldHash = user.Hash; byte [ ] salt = user.Salt; bool isLogin = Security.CompareHashValue ( vm.Password, vm.Email, oldHash, salt ); if ( !isLogin ) { TempData [ "ErrorMSG" ] = "Access Denied! Wrong Credential"; return View ( vm ); } SignInRemember ( vm.Email, vm.RememberMe ); FormsAuthentication.SetAuthCookie ( vm.Email, false ); Session [ "User" ] = vm; return RedirectToAction ( "Index", "Dashboard" );
Now till I'm in the same controller isAuthenticated is true but when I go do the Dashboard/Index
class Dashboard {... public ActionResult Index() { bool auth = User.Identity.IsAuthenticated;
is false and if I use the [Authorized] decorator the user cannot access to the ActionResult.
I think that everything is right but I would like to let things works :-) Thank you
Contributor
2760 Points
789 Posts
May 06, 2020 07:38 AM|YihuiSun|LINK
Hi, Salvodif
You need to add the following configuration in the "web.config" if you use FormsAuthentication.
<system.web> <compilation debug="true" targetFramework="4.7.2" /> <httpRuntime targetFramework="4.7.2" /> <authentication mode="Forms"> <forms loginUrl="Dashboard/Login" timeout="2880" /> </authentication> </system.web>
Here is the result.
Best Regards,
YihuiSun
None
0 Points
10 Posts
MVC 5 Custom Identification
May 01, 2020 02:20 PM|Salvodif|LINK
Hi,
I've a mvc5 application with a custom login. Nothing crazy I just get username and password from a MongoDB then I do my check.
[HttpPost] [ValidateAntiForgeryToken] public ActionResult Login ( LoginViewModel vm ) { try { if ( !ModelState.IsValid ) return View ( ); var db = new MongoDb ( ); var user = db.GetUser ( vm.Email.Trim ( ) ); if ( user == null ) return View ( "Home" ); string oldHash = user.Hash; byte [ ] salt = user.Salt; bool isLogin = Security.CompareHashValue ( vm.Password, vm.Email, oldHash, salt ); if ( !isLogin ) { TempData [ "ErrorMSG" ] = "Access Denied! Wrong Credential"; return View ( vm ); } SignInRemember ( vm.Email, vm.RememberMe ); FormsAuthentication.SetAuthCookie ( vm.Email, false ); Session [ "User" ] = vm; return RedirectToAction ( "Index", "Dashboard" );Now till I'm in the same controller isAuthenticated is true but when I go do the Dashboard/Index
class Dashboard {...
public ActionResult Index() { bool auth = User.Identity.IsAuthenticated;
is false and if I use the [Authorized] decorator the user cannot access to the ActionResult.
I think that everything is right but I would like to let things works :-)
Thank you
Contributor
2760 Points
789 Posts
Re: MVC 5 Custom Identification
May 06, 2020 07:38 AM|YihuiSun|LINK
Hi, Salvodif
You need to add the following configuration in the "web.config" if you use FormsAuthentication.
<system.web> <compilation debug="true" targetFramework="4.7.2" /> <httpRuntime targetFramework="4.7.2" /> <authentication mode="Forms"> <forms loginUrl="Dashboard/Login" timeout="2880" /> </authentication> </system.web>Here is the result.
Best Regards,
YihuiSun