asp.net-mvcasp.net-core

This Page isn't working Localhost redirected too many times MVC

Too many redirects

Error with many encoded ReturnUrl parameters

Program.cs File with Cookie authentication:

builder.Services.AddAuthentication("CookieAuthentication").AddCookie("CookieAuthentication", options =>
            {
                options.LoginPath = "/<Login/LoginView";
                options.AccessDeniedPath = "/Login/AccessDenied";
            });

// Configure the HTTP request pipeline.

app.UseHttpsRedirection();
app.UseStaticFiles();

app.UseRouting();

app.UseAuthentication();
app.UseAuthorization();

app.MapControllerRoute(
    name: "default",
    pattern: "{controller=Login}/{action=Signup}/{id?}");

app.Run();

Login Controller:

 [HttpPost]
        [ValidateAntiForgeryToken]
        public IActionResult LoginView(string username, string password)
        {
            if (!ModelState.IsValid)
            {
                //Error code here
            }
            
            if (!UserExists(username, password))//Check if user exists in Database
            {
                //Error code here
            }
           
            TempData["Username"] = username;
            return RedirectToAction("Index", "Home");
            //I used breakpoint here and this code runs but doesn't work properly.
        }

I have also used the [Authorize] attribute on Home Controller to prevent users from accessing it without login.Login/LoginView is the Login rage Path.

Solution

  • This Page isn't working Localhost redirected too many times MVC

    For your current scenario,be sure add the [AllowAnonymous] on your Index action in the HomeController. And your LoginPath is /Home/Index, it is no need to be authorized.

    [Authorize]
public class HomeController : Controller
{
    [AllowAnonymous]
    public async Task<IActionResult> Index()
    {
        //do your stuff...
        return View();            
    }
    //....
}

    Update:

    Cookie authentication to login

    Program.cs:

    builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(options =>
{
    options.LoginPath = "/Login/LoginView";
    options.AccessDeniedPath = "/Login/AccessDenied";
});
        
var app = builder. Build();
       
app.UseHttpsRedirection();
app.UseStaticFiles();

app.UseAuthentication();   //be sure add authentication and authorization middleware.....
app.UseAuthorization();

//...

    How to sigh in the user:

    [HttpPost]
[ValidateAntiForgeryToken]
public async Task<IActionResult> LoginView(string username, string password)
{
     if (!ModelState.IsValid)
     {
        //Error code here
     }
        
     if (!UserExists(username, password))//Check if user exists in Database
     {
        //Error code here
     }                      
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.NameIdentifier,username)   //add the claims you want...
    };
    //authProperties you can choose any option you want, below is a sample...
    var authProperties = new AuthenticationProperties
    {
        //IssuedUtc = DateTimeOffset.UtcNow,
        //ExpiresUtc = DateTimeOffset.UtcNow.AddHours(1),
        //IsPersistent = false
    };
    var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
    await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties);

    TempData["Username"] = username;
    return RedirectToAction("Index", "Home");
    
}