2012-05-03 26 views
1

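In reference to this posted question: redirect to returnUrl not working

The answer given there does not work for me; I have the same problem here.

I am also using ASP.NET authentication, and a user can try to navigate to any page on the site. In particular, it is quite common for a user to navigate to something like /mycontroller/myaction/25, where 25 is an account or product identifier that the user uses frequently.

If the user is not currently authenticated when trying to access that URL, they are redirected to the login screen. After login, the redirect (returnURL) does not navigate the user to the requested page. The page stays on the login screen.

The URL that a user would paste into the address bar before login could be: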

http://localhost:4082/Account/LogOn?ReturnUrl=%2fProduct%2fEdit%2f59 

After entering credentials and debugging to see that the credentials are authenticated, the URL is the same:

http://localhost:4082/Account/LogOn?ReturnUrl=%2fProduct%2fEdit%2f59 

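The difference between the stock MVC project and mine is that I have a little more than just a login happening in the logon action. Here is my code (I have obviously broken something by making each function small and contained):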

public ActionResult LogOn() { 
    if (User.Identity.IsAuthenticated) 
     return RedirectToAction("Index", "Home"); 
    var model = new LogOnViewModel(); 
    return View(model); 
} 

[HttpPost] 
public ActionResult LogOn(LogOnViewModel model, string returnUrl) { 
    if (ModelState.IsValid) { 
     try { 
      return AttemptToAuthenticateUser(model, returnUrl); 
     } 
     catch (Exception ex) { 
      ModelState.AddModelError("", ex.Message); 
     } 
    } 
    return View(model); 
} 

private ActionResult AttemptToAuthenticateUser(LogOnViewModel model, string returnUrl) { 
    var membershipUser = GetUserFromMembershipProvider(model.Username, false); 
    var audit = new LoginAudit(model.Username, model.Password, Request.Browser.Browser, Request.Browser.Type, Request.UserHostAddress); 
    VerifyUserAccountIsApprovedNotLockedOut(membershipUser); 
    AuthenticateCredentials(model, audit); 
    AuditLogon(audit, model.Username, true); 
    return ForwardToLogonResultAction(membershipUser, returnUrl, model.RememberMe); 
} 

internal static MembershipUser GetUserFromMembershipProvider(string username, bool isUserCurrentlyLoggedIn) { 
    var membershipUser = Membership.GetUser(username, isUserCurrentlyLoggedIn); 
    if (membershipUser == null) 
     throw new Exception("The user account was not found"); 
    return membershipUser; 
} 

internal static void VerifyUserAccountIsApprovedNotLockedOut(MembershipUser membershipUser) { 
    if (membershipUser.IsLockedOut || !membershipUser.IsApproved) 
     throw new Exception("This account has been disabled or has been locked out. Please contact Administration for support"); 
} 

private void AuthenticateCredentials(LogOnViewModel model, LoginAudit audit) { 
    if (Membership.ValidateUser(model.Username, model.Password)) { } 
    else { 
     AuditLogon(audit, model.Username, false); 
     throw new Exception("The user name or password provided is incorrect"); 
    } 
} 

private void AuditLogon(LoginAudit audit, string username, bool isSuccessfullyAuthenticated) { 
    if (isSuccessfullyAuthenticated) 
     audit.Password = string.Empty; 
    audit.Save(username); 
} 

private ActionResult ForwardToLogonResultAction(MembershipUser currentMembershipUser, string returnUrl, bool rememberMe) { 
    if (IsPasswordOnAccountTemporary((Guid)currentMembershipUser.ProviderUserKey)) 
     return RedirectToAction("Edit", "ChangePassword"); 
    if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\")) { 
     return Redirect(returnUrl); 
    } 
    return ForwardUserToHomePage(currentMembershipUser.UserName, rememberMe); 
} 

private bool IsPasswordOnAccountTemporary(Guid userGUID) { 
    var profile = new Profile(userGUID); 
    return profile.IsTemporaryPassword; 
} 

Update

I tried changing the post action so that the returnUrl check is in the same action, but it still does not work:

[HttpPost] 
    public ActionResult LogOn(LogOnViewModel model, string returnUrl) { 
     if (ModelState.IsValid) { 
      try { 
       AttemptToAuthenticateUser(model, returnUrl); 
       if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\")) 
        return Redirect(returnUrl); 
       return ForwardUserToHomePage(model.Username, model.RememberMe); 
      } 
      catch (Exception ex) { 
       ModelState.AddModelError("", ex.Message); 
      } 
     } 
     return View(model); 
    } 

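Update 2

Changing my code back to the way I originally had it, it works perfectly... so this tells me it has more to do with the ordering of what I am doing than anything else... going to try to re-order the smaller methods to match the order of this action and see what happens.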

[HttpPost] 
    public ActionResult LogOn(LogOnViewModel model, string returnUrl) { 
     if (ModelState.IsValid) { 
      MembershipUser currentUser; 
      var audit = new LoginAudit(model.Username, model.Password, Request.Browser.Browser, Request.Browser.Type, Request.UserHostAddress); 
      if (Membership.ValidateUser(model.Username, model.Password)) { 
       audit.Password = string.Empty; 
       FormsAuthentication.SetAuthCookie(model.Username, model.RememberMe); 
       currentUser = Membership.GetUser(model.Username, true); 
       if (currentUser != null && currentUser.ProviderUserKey != null) { 
        var profile = new Profile((Guid)currentUser.ProviderUserKey); 
        if (profile.IsTemporaryPassword) 
         return RedirectToAction("Edit", "ChangePassword"); 
       } 
       if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") 
        && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\")) { 
        return Redirect(returnUrl); 
       } 
       return RedirectToAction("Index", "Home"); 
      } 
      currentUser = Membership.GetUser(model.Username, false); 
      if (currentUser != null && (currentUser.IsLockedOut || !currentUser.IsApproved)) { 
       ModelState.AddModelError("", "This account has been locked out. Please contact ELM Administration for support."); 
      } 
      else { 
       ModelState.AddModelError("", "The user name or password provided is incorrect."); 
      } 
      audit.Save(model.Username); 
     } 
     return View(model); 
    } 

Update 3

This fixed it, got it on my own :-)

private void AuthenticateCredentials(LogOnViewModel model, LoginAudit audit) { 
     if (Membership.ValidateUser(model.Username, model.Password)) { 
      FormsAuthentication.SetAuthCookie(model.Username, model.RememberMe); 
     } 
     else { 
      AuditLogon(audit, model.Username, false); 
      throw new Exception("The user name or password provided is incorrect"); 
     } 
    } 

Answers

-1

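The solution was to set the cookie earlier than before. I was only setting the cookie when the ForwardUserToHomePage method was called, which set the cookie and then redirected to home/index. But that method was never called, because I was doing a Redirect(returnUrl), so the cookie was not set. Since it was not set, the redirect failed because the client believed the user was not yet logged in, so the login page was in effect being "hit again".

Modified my AuthenticateCredentials method to be: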

private void AuthenticateCredentials(LogOnViewModel model, LoginAudit audit) { 
     if (Membership.ValidateUser(model.Username, model.Password)) { 
      FormsAuthentication.SetAuthCookie(model.Username, model.RememberMe); 
     } 
     else { 
      AuditLogon(audit, model.Username, false); 
      throw new Exception("The user name or password provided is incorrect"); 
     } 
    } 
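
The redirect loop this answer describes, as an added example that is not part of the original post: a constructed model of the forms-authentication round trip (not ASP.NET itself), in which `Get`, `PostLogOn`, `Trace` and the `auth` cookie name are hypothetical. It shows that the returnUrl redirect only lands once the cookie is issued before it, and that an off-site returnUrl falls back to the home page.

```csharp
using System;
using System.Collections.Generic;

// Constructed model of forms authentication, not ASP.NET itself: a protected
// path answers 302 to the login page unless the request carries the auth cookie.
static class LogOnFlowDemo
{
    const string LoginPath = "/Account/LogOn";

    // Stand-alone version of the question's returnUrl condition (Url.IsLocalUrl
    // is replaced by explicit tests so this runs without System.Web.Mvc).
    static bool IsSafeLocalPath(string url)
    {
        return !string.IsNullOrEmpty(url) && url.Length > 1 && url[0] == '/'
            && url[1] != '/' && url[1] != '\\';
    }

    // Any GET: protected content needs the cookie, otherwise bounce to login.
    static string Get(string path, HashSet<string> cookies)
    {
        if (path.StartsWith(LoginPath) || cookies.Contains("auth")) return "200 " + path;
        return "302 " + LoginPath + "?ReturnUrl=" + Uri.EscapeDataString(path);
    }

    // Login POST with valid credentials. cookieInAuthenticate=false models the
    // original code, where only the home-page branch issued the cookie.
    static string PostLogOn(string returnUrl, HashSet<string> cookies, bool cookieInAuthenticate)
    {
        if (cookieInAuthenticate) cookies.Add("auth");
        if (IsSafeLocalPath(returnUrl)) return "302 " + returnUrl;
        cookies.Add("auth");                 // ForwardUserToHomePage branch
        return "302 /Home/Index";
    }

    // Follows the redirect a browser would follow after the POST.
    public static string Trace(string returnUrl, bool cookieInAuthenticate)
    {
        var cookies = new HashSet<string>();
        string post = PostLogOn(returnUrl, cookies, cookieInAuthenticate);
        string landed = Get(post.Substring(4), cookies);
        return post + "  =>  " + landed;
    }

    static void Main()
    {
        Console.WriteLine("before fix: " + Trace("/Product/Edit/59", false));
        Console.WriteLine("after fix : " + Trace("/Product/Edit/59", true));
        Console.WriteLine("off-site  : " + Trace("//example.invalid/", true));
    }
}
```
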
6

In your LogOn view, are you passing the URL to the HttpPost method?

@using (Html.BeginForm("LogOn", "Account", new { returnUrl= Request.QueryString["ReturnUrl"] })) 
{ 
    //your form elements 
    <input type="submit" value="Login" /> 
} 
+0

I am using BeginForm with no parameters, just @Html.BeginForm() –

+0

I added another update to the question –

+0

@CDSmith: Your HttpPost action method is expecting a parameter named returnUrl, so you should pass that. Change your form like in my answer. – Shyju