asp.net-mvcasp.net-core

This Page isn't working Localhost redirected too many times MVC


Too many redirects

Error with many encoded ReturnUrl parameters

Program.cs File with Cookie authentication:

builder.Services.AddAuthentication("CookieAuthentication").AddCookie("CookieAuthentication", options =>
            {
                options.LoginPath = "/<Login/LoginView";
                options.AccessDeniedPath = "/Login/AccessDenied";
            });

// Configure the HTTP request pipeline.

app.UseHttpsRedirection();
app.UseStaticFiles();

app.UseRouting();

app.UseAuthentication();
app.UseAuthorization();

app.MapControllerRoute(
    name: "default",
    pattern: "{controller=Login}/{action=Signup}/{id?}");

app.Run();

Login Controller:

 [HttpPost]
        [ValidateAntiForgeryToken]
        public IActionResult LoginView(string username, string password)
        {
            if (!ModelState.IsValid)
            {
                //Error code here
            }
            
            if (!UserExists(username, password))//Check if user exists in Database
            {
                //Error code here
            }
           
            TempData["Username"] = username;
            return RedirectToAction("Index", "Home");
            //I used breakpoint here and this code runs but doesn't work properly.
        }

I have also used the [Authorize] attribute on Home Controller to prevent users from accessing it without login.Login/LoginView is the Login rage Path.


Solution

  • This Page isn't working Localhost redirected too many times MVC

    For your current scenario,be sure add the [AllowAnonymous] on your Index action in the HomeController. And your LoginPath is /Home/Index, it is no need to be authorized.

    [Authorize]
    public class HomeController : Controller
    {
        [AllowAnonymous]
        public async Task<IActionResult> Index()
        {
            //do your stuff...
            return View();            
        }
        //....
    }
    

    Update:

    Cookie authentication to login

    Program.cs:

    builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(options =>
    {
        options.LoginPath = "/Login/LoginView";
        options.AccessDeniedPath = "/Login/AccessDenied";
    });
            
    var app = builder. Build();
           
    app.UseHttpsRedirection();
    app.UseStaticFiles();
    
    app.UseAuthentication();   //be sure add authentication and authorization middleware.....
    app.UseAuthorization();
    
    //...
    

    How to sigh in the user:

    [HttpPost]
    [ValidateAntiForgeryToken]
    public async Task<IActionResult> LoginView(string username, string password)
    {
         if (!ModelState.IsValid)
         {
            //Error code here
         }
            
         if (!UserExists(username, password))//Check if user exists in Database
         {
            //Error code here
         }                      
        var claims = new List<Claim>
        {
            new Claim(ClaimTypes.NameIdentifier,username)   //add the claims you want...
        };
        //authProperties you can choose any option you want, below is a sample...
        var authProperties = new AuthenticationProperties
        {
            //IssuedUtc = DateTimeOffset.UtcNow,
            //ExpiresUtc = DateTimeOffset.UtcNow.AddHours(1),
            //IsPersistent = false
        };
        var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
        await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties);
    
        TempData["Username"] = username;
        return RedirectToAction("Index", "Home");
        
    }