Asp.net MVC ReturnUrl value always null

Question

OK I'v researched and tried every single suggestion (individually of course) before posting this and I hit a wall every time

This is my log in view I used ViewBag to pass the ReturnUrl value as I've seen in many answers to this problem

   <h2>Login</h2>
@using (Html.BeginForm("Login", "Account", new { ReturnUrl = ViewBag.ReturnUrl }, FormMethod.Post, new { role = "form" }))
{
    @Html.AntiForgeryToken()


  ...............

And this is the login action result

   [HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Login(UserLogin login, string returnUrl="")
{
    string message = "";
    using (NerdsContext nc = new NerdsContext())
    {
        var v = nc.User.Where(a => a.email == login.email).FirstOrDefault();
        if (v != null)
        {
            if (!v.IsEmailVerified)
            {
                ViewBag.Message = "Please verify your email first";
                return View();
            }
            if (string.Compare(Crypto.Hash(login.password), v.password) == 0)
            {
                int timeout = login.rememberMe ? 525600 : 20; // 525600 min = 1 year
                var ticket = new FormsAuthenticationTicket(login.email, login.rememberMe, timeout);
                string encrypted = FormsAuthentication.Encrypt(ticket);
                var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted);
                cookie.Expires = DateTime.Now.AddMinutes(timeout);
                cookie.HttpOnly = true;
                Response.Cookies.Add(cookie);

                //Redirect the user to new url
                if (Url.IsLocalUrl(returnUrl))
                {
                    ViewBag.ReturnUrl = returnUrl;
                    return Redirect(returnUrl);

                }
                else
                {
                    return RedirectToAction("Nerd", "Home");
                }
            }
            else
            {
                message = "Invalid credential provided";
            }
        }
        else
        {
            message = "Invalid credential provided";
        }
    }
    ViewBag.Message = message;
    return View();
}

And finally this is the lines I added in web.config file

 <authentication mode="Forms">
      <forms cookieless="UseCookies"  loginUrl="/Account/Login"  timeout="30" slidingExpiration="true" protection="All"></forms>
    </authentication>

And when I run this I never get to actually login it always send me back to the login page and the value of the returnUrl is always null So what is going on here????

Could you include `Login` GET method (your current example only has POST method)? `ViewBag.ReturnUrl` value exists if the GET action method result assigns the URL, otherwise it's null as `ViewBag` default value. Consider to use `ViewBag.ReturnUrl = Request.QueryString["ReturnUrl"]` if you're sure the returned URL given from query string. — Tetsuya Yamamoto, Oct 09 '17 at 01:04
Yes I have the GET action method `public ActionResult Login(string ReturnUrl) { ViewBag.ReturnUrl = ReturnUrl; return View(); }` I'll try this out but do I have to change anything in the view? — salRad, Oct 09 '17 at 09:29
It didn't work :( any other ideas? I feel lost here it's been couple of days and still didn't find any solution to this frustrated problem — salRad, Oct 09 '17 at 09:36
Why not adding return URL property in `UserLogin` viewmodel class & pass returned URL by `HiddenFor`? When `UserLogin` submitted using POST, it automatically passes returned URL value and you can assign it with `ViewBag.ReturnUrl = login.returnUrl`. — Tetsuya Yamamoto, Oct 09 '17 at 09:39
OK there is a progress now the return Url has a value but still my user is redirected to the login page as if he didn't grant authentication...I think part of the problem is the lack of full understanding on my behalf, I post this in another forum and someone pointed out that I don't have a code for user actually logging in do you have any other ideas? Thanks — salRad, Oct 09 '17 at 10:24
I used the debugger and everything looks fine it is actually executing the if (Url.IsLocalUrl(ReturnUrl)) statement and this is the url in the browser http://localhost:49408/Account/Login?ReturnUrl=%2FHome%2FNerd but it never goes to the (/Home/Nerd) it goes back to login page without any message displayed...so why do you think is that, why the user is not granting access to the page this is the Nerd action method in Home Controller [Authorize] public ActionResult Nerd() { return View(); } Help anyone — salRad, Oct 09 '17 at 13:09

score 1 · Accepted Answer · answered Oct 11 '17 at 15:57

1

OK after much search I found my answer here [Request.IsAuthenticated is always false ]

I had to add these line in my web.config's modules inside system.WebServer

<remove name="FormsAuthentication" />
      <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />

answered Oct 11 '17 at 15:57

salRad

320
1
8
21

Where is the web.config's module located or what file do you mean? – Steven Jun 06 '18 at 13:27
in web.config file there is modules tag and inside there is system.WebServer tag, there I put the above code. – salRad Jun 07 '18 at 15:05

Asp.net MVC ReturnUrl value always null

1 Answers1