Asp.net core Identity successful login redirecting back to login page

Jero

I have a problem where the asp.net identity framework is redirecting the user back to the login page after they have logged in successfully.

This is using the standard Asp.net Core Identity. It is the version 2.1.1. The scaffolding that generates the razor pages. Not sure if that is significant.

I know the user is successfully logging in because I get the log message

...Areas.Identity.Pages.Account.LoginModel: Information: User logged in.

But then it redirects straight back to the login page.

If I use fiddler I can see that there is a cookie on the request so it all looks good from that perspective.

.AspNetCore.Identity.Application=CfDJ8KJxkuir9ZJIjFLCU2bzm9n6X...

So I guess the middleware that is handling the authentication but not accepting the cookie?

If I could see what the actual middleware for the auth was doing I might have an idea but I can't find it.

Any help appreciated

Kirk Larkin

In order to get the ASP.NET Core pipeline to recognise that a user is signed in, a call to UseAuthentication is required in the Configure method of your Startup class, like so:

app.UseAuthentication();
app.UseMvc(); // Order here is important (explained below).

Using the Cookies authentication scheme, the use of UseAuthentication loosely performs the following:

  • Reads the content of the .AspNetCore.Identity.Application cookie from the request, which represents the identity of the user making the request.
  • Populates the User property of HttpContext with a ClaimsPrincipal that represents said user.

This is a simplified explanation of what happens, but it highlights the important job that the authentication middleware performs. Without the authentication middleware, the .AspNetCore.Identity.Application will not be used for authenticating the user and therefore the user will not be authenticated. In your case, although the user has signed in (i.e. the cookie is being set), the pipeline middleware (e.g. MVC) does not see this user (i.e. the cookie is not being read) and so sees an unauthenticated request and redirects again for login.

Given that the authentication middleware reads the cookie and subsequently populates the ClaimsPrincipal, it should be clear that the UseAuthentication call must also be before the UseMvc call in order for this to occur in the correct order. Otherwise, the MVC middleware runs before the Authentication middleware and will not be working with a populated ClaimsPrincipal.

Why is it failing to login if you don't add the middleware that handles the login?!?

The middleware doesn't handle the login - it handles the authentication process. The user has logged in, which is confirmed by the presence of the .AspNetCore.Identity.Application cookie. What is failing here is the reading of said cookie.

Collected from the Internet

Please contact [email protected] to delete if infringement.

edited at
0

Comments

0 comments
Login to comment

Related

.NET App redirects to login page

Login Script Redirecting me back to login page

how can I prevent user to go to login page after successful authentication?

Login page edit

How to work with Azure AD external login with ASP.NET Idenity in Identity Server4

Register, Login, Confirm Email and Password Reset In Angular 6 / ASP.Net Core

login script with php mysql redirecting to login page everytime on server

Login from external database ASP.NET Core 2.2

Invalid Login Attempt with correct credentials ASP.NET Identity

Change default identity Login route to something custom asp.net core

Cannot redirect back to angular client after login in identity server

Creating a Login Page in ASP.NET Core MVC

Scrapy won't let me login to asp.net page (ASPX)

How to make Login as Default route in ASP.NET CORE 5.0 MVC

I need to extend the Session Expiry Timeout/ Login Expiry Timeout in ASP.NET Core Blazor Server

Flask Login Returning a 302 Status Code After Login (Not Redirecting to Home Page)

I want to implement remote validation for registration but not login in ASP.NET, as it won't let any user login

Django after login failed page is not redirecting to next

ASP.Net core 3.1 website not redirecting when unauthorized

login with microsoft api in asp net framework (webforms)

Login method in asp.net

Flutter Firebase Authentication and/or Login is not Successful

Login System isn't redirecting properly

Verification for successful or failed login?

ASP.NET Web Forms "Individual Accounts" not redirecting to login page for not logged in users

Authenticated user is null after successful Login Laravel

How to set default identity login page in .net core 6 mvc instead of index page in program.cs

I want to tell reactjs login component whether login was successful or not

Why is my login component not redirecting successful login's to the right page?

My Private React Route (Router v6) Not Redirecting To My Login Page

TOP Ranking

HotTag

Archive