Best IT Recipes

Is ASP.NET MVC Login ReturnUrl Always NULL?

Using ASP.NET MVC forms authentication when trying to enter a site, it places the ReturnUrl parameter in the query string. My input action method accepts the string "returnUrl". However, it seems that the string returnUrl is always null, even if it is explicitly in the query string. Any thoughts on why this might be this way or that?

+54
redirect login asp.net-mvc
May 6 '09 at 3:24
source share
5 answers

Maybe you do not include the ReturnURL parameter in your login form action attribute, so you are sending the URL without this parameter?

+23
May 6 '09 at 3:30
source share
β€” -

This tends to happen when you use one common login form, but you explicitly specify Controller and ActionMethod (which invokes the form message but plays querystring)

Just to clarify, here is what your code looks like in your BeginForm:

 Html.BeginForm("LogOn", "Account", new { ReturnUrl = Request.QueryString["ReturnUrl"] })

EDIT . This is by design, as RickAnd mentions in the comments below. However, this does not allow the user interface template to be deep on the site by clicking on LogOn, and then returns to the previous page if it allows anonymous users. This is a commonly requested template. David Allen's approach to LogOff is also well suited for pure redirection to LogOn.

+116
Jul 30 '09 at 13:47
source share

Basically, Asp.net MVC has some hidden features. For example, when you pass the variable "id" to a controller action, it interprets "id" as the default identifier and places it in the browser request with a slash. Using a different name instead of "id", we will see '?' not a slash. Due to setting the name 'id' in the RegisterRoutes method in the global.asax file.

In this task, you created a custom data proxy controller using this code:

 using(Html.BeginForm("LogOn", "Account", FormMethod.Post)) { //form fields }

So, Asp.net MVC ignores other useful data to go to the controller action, and we will see returnUrl always null .

Although using this, Asp.net MVC acts correctly and returnUrl is mounted:

 using(Html.BeginForm()) { //form fields in LogOn View }

By the way, when we use user data skips for controller actions, it is necessary to transfer other data manually as follows:

 using(Html.BeginForm("LogOn", "Account", new {ReturnUrl = Request.QueryString["ReturnUrl"] })) { //form fields }
+6
Jul 21 '13 at 12:57 on
source share

There are two ways in which I can think of logon and logoff scripts. Dave Beer described one of the ways above. There is another approach that works in many situations. I used it when I coded the NerdDinner tutorial. The tutorial provides us with a logout function that logs you out and returns you home. I didn’t want that. I wanted to go back to the page I was on before I go out. Therefore, I changed the action of logging out of the account of the account controller so that it looks like this:

  public ActionResult LogOff() { FormsService.SignOut(); return Redirect(Request.UrlReferrer.ToString()); }

You can get fancier and pass in returnUrl and test it if you want to override this behavior. But I don’t need it. This achieves the desired result. Logon may work in a similar way. There may be ways to use the MVC framework for this, but until I recognize them, it is VERY simple and works reliably.

+3
Apr 03 2018-10-10 at
source share

Try the following:

  public static MvcForm BeginForm(this HtmlHelper htmlHelper, string id) { string formAction = htmlHelper.ViewContext.HttpContext.Request.RawUrl; TagBuilder tagBuilder = new TagBuilder("form"); tagBuilder.MergeAttribute("id", id); tagBuilder.MergeAttribute("action", formAction); tagBuilder.MergeAttribute("method", HtmlHelper.GetFormMethodString(FormMethod.Post), true); HttpResponseBase httpResponse = htmlHelper.ViewContext.HttpContext.Response; httpResponse.Write(tagBuilder.ToString(TagRenderMode.StartTag)); return new MvcForm(htmlHelper.ViewContext.HttpContext.Response); }

First make sure you set the login URL to web.config, then make sure your signature does not contain anything like this, for example:

View:

If you specify an action, you will always get null for the return URL:

Controller:

 [AcceptVerbs(HttpVerbs.Post)] public ActionResult SignIn(string userName, string password, bool? rememberMe, string returnUrl) { }
+1
May 6 '09 at 8:58 a.m.
source share


More articles:


All Articles