CODEWITHSUNDEEP
c#asp.net-mvc
Kmaczek
Kmaczek

Reputation: 648

Request.IsAuthenticated is always false

Can you tell me why FormsAuthentication.SetAuthCookie(user.Name, false); is not causing Request.IsAuthenticated to be true?

Here is my code:

[HttpPost]
    public ActionResult LogIn(karcioszki.Models.UserLoginModel  user)
    {
        if (ModelState.IsValid)
        {
            if (IsValid(user.Name, user.Password))
            {
                FormsAuthentication.SetAuthCookie(user.Name, false);
                return RedirectToAction("Index", "Home");
            }
            else
            {
                ModelState.AddModelError("", "Login or password is incorrect");
            }
        }

        return View(user);
    }

and if statement:

@if (Request.IsAuthenticated)
{
    <a href="@Href("~/")" class="active">Home</a>
    <a href="@Href("~/Cards")">Cards</a>
    @Html.ActionLink("Log out", "Logout", "User")
    @Html.Encode(User.Identity.Name)
}

Also, please tell me, how to make it work?

EDIT: I added authentication in web.config(both) but it still isn't working.

<system.web>
<httpRuntime targetFramework="4.5" />
<compilation debug="true" targetFramework="4.5" />
<authentication mode="Windows"/>
<pages>
  <namespaces>
    <add namespace="System.Web.Helpers" />
    <add namespace="System.Web.Mvc" />
    <add namespace="System.Web.Mvc.Ajax" />
    <add namespace="System.Web.Mvc.Html" />
    <add namespace="System.Web.Routing" />
    <add namespace="System.Web.WebPages" />
    <add namespace="System.Web.Optimization" /> 
  </namespaces>
</pages>

Should I use Windows or other mode?

Upvotes: 28

Views: 46008

Answers (10)

Markus Knappen Johansson
Markus Knappen Johansson

Reputation: 1630

In my case I had this issue which ended up in a redirect-loop where the user would be redirected to the login, successfully logged in and then back to our site but since Request.IsAuthenticated was false the user was redirected to the login again.

In our case this was solved by using another CookieManager,

var cookieOptions = new CookieAuthenticationOptions();
cookieOptions.CookieManager = new SystemWebCookieManager(); 
app.UseCookieAuthentication(cookieOptions);

Turns out that there was some kind of bug in Katana that this other CookieManager worked around, in out case this solved the issue.

https://github.com/aspnet/AspNetKatana/wiki/System.Web-response-cookie-integration-issues

Upvotes: 2

tayfun Kılı&#231;
tayfun Kılı&#231;

Reputation: 2834

Just do it

     <system.web>
    <authentication mode="Forms">
      <forms cookieless="UseCookies" loginUrl="~/User/Login" slidingExpiration="true"> 
   </forms>
    </authentication>
..........
.......
  </system.web>

Upvotes: 0

Chee Hou Ng
Chee Hou Ng

Reputation: 1

I solve it by deleting the caches and cookies in browser.

Upvotes: 0

Roberto Franco
Roberto Franco

Reputation: 11

In my case, it was a problem in Chrome browser. I just removed all cookies stored and works.

Upvotes: 1

Long Luong
Long Luong

Reputation: 810

Add the following code in your Web.config

<authentication mode="Forms">
  <forms loginUrl="~/_Login/Login" timeout="30" />
</authentication>

and

  <modules>
  <remove name="FormsAuthentication" />
  <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />
</modules>

Upvotes: 10

blu3drag0n
blu3drag0n

Reputation: 71

I was looking for about 2 hours now to solve the problem. And in case you already got setups like you are told to in several guides (as MSDN and so) and you still got the problem, the one and only thing that will solve it is to add:

<system.webServer>
  <modules>
     <remove name="FormsAuthentication" />
     <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />
  </modules>
<system.webServer>

within the webconfig.

Upvotes: 2

user2243747
user2243747

Reputation: 2967

I had exactly same problem in my MVC4 Web Application. One more possible reason for this problem is below method in IdentityModels.cs file

public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<ApplicationUser> manager)
    {
                            // Note the authenticationType must match the one defined in CookieAuthenticationOptions.AuthenticationType
                            var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);
                            // Add custom user claims here
                   return userIdentity;
    }

Make sure DefaultAuthenticationTypes is ApplicationCookie

Cheers,

Upvotes: 1

Ger Groot
Ger Groot

Reputation: 1101

I had the same problem in an MVC5 project. The solution was to add the following lines to the modules section in the system.webServer

<remove name="FormsAuthentication" />
<add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />

Upvotes: 49

Sanjay Sharma
Sanjay Sharma

Reputation: 635

you must set FormsAuthentication.SetAuthCookie(acct.UserName, true); after validating user and please check you must set authentication mode="Forms" in web.config.

Upvotes: 16

AliK
AliK

Reputation: 1077

You are checking if the user is authenticated. So use:

if (User.Identity.IsAuthenticated)

This will fix the issue and as mentioned set the authentication element in your web.config to Forms and not Windows.

Upvotes: 2

Related Questions