C# - MVC 4 Forms Authentication not working with [Authorize]


I'm learning MVC 4 right now, following the Pro ASP.NET MVC 4 (4th edition) book to create the Sports Store project.

I have developed in WebForms, and I am trying to figure out how forms authentication works in MVC 4.

Here is what I have achieved:

Web.config

    <authentication mode="Forms">
      <forms loginUrl="~/Account/Login" timeout="2880"/>
    </authentication>

AccountController Login action:

    [HttpPost]
    public ActionResult Login(LoginViewModel model, string returnUrl)
    {
        if (ModelState.IsValid)
        {
            if (authProvider.Authenticate(model.UserName, model.Password))
            {
                // Authenticated: go back to the requested page, or to Admin/Index
                return Redirect(returnUrl ?? Url.Action("Index", "Admin"));
            }
            else
            {
                ModelState.AddModelError("", "Incorrect username or password");
                return View();
            }
        }
        else
        {
            return View();
        }
    }

Auth provider:

    public bool Authenticate(string username, string password)
    {
        bool result = FormsAuthentication.Authenticate(username, password);
        if (result)
        {
            // Issue a non-persistent forms authentication cookie
            FormsAuthentication.SetAuthCookie(username, false);
        }

        return result;
    }

I am setting the auth cookie and want to know how to protect other controllers and actions outside of AccountController.

The application has a controller called AdminController, where you can edit products, and the product list is under the following {controller/action}:

Admin/Index

So, if I am not misunderstanding the theory, if a user is not logged in through AccountController, they should not be able to call actions with the [Authorize] tag on the declaration:

    public class AdminController : Controller
    {
        private IProductRepository repository;

        public AdminController(IProductRepository repo)
        {
            repository = repo;
        }

        [Authorize]
        public ActionResult Index()
        {
            return View(repository.Products);
        }
    }

The thing is that I can call the Index action of the Admin controller without any problem and without entering a login.

I need some guidance to understand how this works. I have done some research and could not find anything, and the book is not covering this topic.

Thanks in advance.

Edit: I closed the Chrome browser and it worked without changing anything. I was working with tabs, and I guess the cookie was active even when stopping and starting debugging.

If a controller action is decorated with the [Authorize] attribute (as your Admin/Index action is), you cannot invoke this action if you do not have a valid forms authentication cookie in the request.

Also, in your Login action, upon successful authentication you should not return a view but should redirect away, so that the cookie is set and available on subsequent requests.

Here's what should happen when a non-authenticated user attempts to access the protected Admin/Index action. The [Authorize] attribute will throw a 401 exception which, as you know from classic WebForms, is intercepted by the forms authentication module, and you are redirected to the loginUrl configured in your web.config, passing a ReturnUrl query string parameter with the initially requested protected resource.

So you must have a Login action on the Account controller that is not decorated with the [HttpPost] attribute and which should serve the view containing the sign-in view. The request will look like this:

/account/login?returnurl=%2fadmin%2findex 
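
An added example, not part of the original question or answer: an AccountController with the GET Login action the answer describes, a POST Login that follows ReturnUrl only when it is a local URL (the parameter comes from the query string), and a Logout action that clears the cookie the question's edit found still active. IAuthProvider and the LoginViewModel properties are assumed declarations, and Authenticate is assumed to call FormsAuthentication.SetAuthCookie as in the question.

```csharp
using System.Web.Mvc;
using System.Web.Security;

// Assumed declarations: the page uses these names but does not show them.
public interface IAuthProvider { bool Authenticate(string username, string password); }
public class LoginViewModel
{
    public string UserName { get; set; }
    public string Password { get; set; }
}

public class AccountController : Controller
{
    private readonly IAuthProvider authProvider;
    public AccountController(IAuthProvider auth) { authProvider = auth; }

    // GET /Account/Login?ReturnUrl=%2fAdmin%2fIndex
    // Target of the forms authentication redirect; only serves the sign-in view.
    [AllowAnonymous]
    public ViewResult Login()
    {
        return View();
    }

    [HttpPost]
    [AllowAnonymous]
    public ActionResult Login(LoginViewModel model, string returnUrl)
    {
        if (!ModelState.IsValid)
            return View(model);
        if (!authProvider.Authenticate(model.UserName, model.Password))
        {
            ModelState.AddModelError("", "Incorrect username or password");
            return View(model);
        }
        // ReturnUrl arrives in the query string, so follow it only when it is local.
        if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
            return Redirect(returnUrl);
        return RedirectToAction("Index", "Admin");
    }

    // Removes the forms authentication cookie so [Authorize] actions require a new login.
    [HttpPost]
    public ActionResult Logout()
    {
        FormsAuthentication.SignOut();
        return RedirectToAction("Login");
    }
}
```

When testing [Authorize] during debugging, sign out through Logout or use a fresh browser session, since an existing authentication cookie stays valid across debugger restarts until it expires.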
