Zoran G
Reputation: 71
ASP.NET Microsoft Identity issue
I have asp.net mvc project which uses Microsoft Identity membership. My roles are: admin, agent, client, content editor, junior. Junior role is last added and I am not able to login with it. This is the controller that is invoked after login:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using PoloCpi.Data.Services.Interfaces;
using PoloCpi.Model.ViewModels;
namespace PoloCpi.Web.Areas.Admin.Controllers
{
/// <summary>
/// Dashboard controller
/// </summary>
public class DashboardController : Controller
{
private readonly IJobService _obJobService;
private readonly IAgentService _objAgentService;
private readonly IHistoryLogsService _objHistoryLogsService;
private readonly IFileUploadService _objFileUploadService;
private readonly IJobReportService _objJobReportService;
public DashboardController(IJobService obJobService, IAgentService objAgentService, IHistoryLogsService objHistoryLogsService, IFileUploadService objFileUploadService, IJobReportService objJobReportService)
{
_obJobService = obJobService;
_objAgentService = objAgentService;
_objHistoryLogsService = objHistoryLogsService;
_objFileUploadService = objFileUploadService;
_objJobReportService = objJobReportService;
}
//
// GET: /Admin/Dashboard/
//[Authorize(Roles = "Admin, Agent, Client, ContentEditor, Junior")]
public ActionResult Index()
{
return View();
}
/// <summary>
/// Date reminders
/// </summary>
/// <returns></returns>
public ActionResult MattersDateReminders(int page = 1, int pageSize = 10)
{
var reminderDates = _obJobService.GetReminderDates(page, pageSize);
TempData["page"] = page;
TempData["pageSize"] = pageSize;
ViewBag.Description = "Reminder dates";
ViewBag.Container = "reminder-dates-container";
ViewBag.ShowMoreId = "reminder-dates-show-more";
if (Request.IsAjaxRequest())
{
return Json(new { reminderDates = reminderDates, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
}
return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_MattersDateReminders.cshtml", reminderDates);
}
/// <summary>
/// Last day of services
/// </summary>
/// <returns></returns>
public ActionResult LastDayOfServices(int page = 1, int pageSize = 10)
{
var lastDayOfServices = _obJobService.GetLastDayOfServices(page, pageSize);
TempData["page"] = page;
TempData["pageSize"] = pageSize;
ViewBag.Description = "Last day of services";
ViewBag.Container = "last-dates-container";
ViewBag.ShowMoreId = "last-dates-show-more";
if (Request.IsAjaxRequest())
{
return Json(new { lastDayOfServices = lastDayOfServices, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
}
return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_MattersDateReminders.cshtml", lastDayOfServices);
}
/// <summary>
/// Agent licenses
/// </summary>
/// <param name="page">page</param>
/// <param name="pageSize">pageSize</param>
/// <returns>List of agent liceses</returns>
public ActionResult AgentLicenses(int page = 1, int pageSize = 10)
{
var agentLicenses = _objAgentService.CheckForExpiringLicenses(page, pageSize);
TempData["page"] = page;
TempData["pageSize"] = pageSize;
ViewBag.Title = "Agent Licenses";
ViewBag.Controller = "Agent";
ViewBag.Action = "GetAgentLicenses";
ViewBag.Container = "agent-licenses-container";
ViewBag.ShowMoreId = "agent-licenses-show-more";
if (Request.IsAjaxRequest())
{
return Json(new { agentLicenses = agentLicenses, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
}
return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_AgentLicenses.cshtml", agentLicenses);
}
/// <summary>
/// Agent reports
/// </summary>
/// <param name="page">page</param>
/// <param name="pageSize">page size</param>
/// <returns>List of agent reports</returns>
public ActionResult AgentReports(int page = 1, int pageSize = 10)
{
TempData["page"] = page;
TempData["pageSize"] = pageSize;
var objJobReportServices = _objJobReportService.FindAgentReportAlerts(page, pageSize);
ViewBag.Title = "Agent Reports";
ViewBag.Controller = "Job";
ViewBag.Action = "JobDetails";
ViewBag.Container = "agent-reports-container";
ViewBag.ShowMoreId = "agent-reports-show-more";
if (Request.IsAjaxRequest())
{
return Json(new { jobReports = objJobReportServices, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
}
return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_AgentLicenses.cshtml", objJobReportServices);
}
/// <summary>
/// File uploads
/// </summary>
/// <param name="page">page</param>
/// <param name="pageSize">page size</param>
/// <returns>List of file uploads</returns>
public ActionResult FileUploads(int page = 1, int pageSize = 10)
{
TempData["page"] = page;
TempData["pageSize"] = pageSize;
var fileUploadsList = _objFileUploadService.FindFileUploadsAlerts(page, pageSize);
ViewBag.Title = "File Uploads";
ViewBag.Controller = "FileUpload";
ViewBag.Action = "Files";
ViewBag.Container = "file-uploads-container";
ViewBag.ShowMoreId = "file-uploads-show-more";
if (Request.IsAjaxRequest())
{
return Json(new { fileUploads = fileUploadsList, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
}
return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_AgentLicenses.cshtml", fileUploadsList);
}
/// <summary>
/// Latest activities
/// </summary>
/// <param name="page">page</param>
/// <param name="pageSize">page size</param>
/// <returns>List of latest activities</returns>
public ActionResult LatestActivityOfAdmins(int page = 1, int pageSize = 10)
{
TempData["page"] = page;
TempData["pageSize"] = pageSize;
var latestActivities = _objHistoryLogsService.GetHistoryLogs(page, pageSize);
if (Request.IsAjaxRequest())
{
return Json(new { latestActivities = latestActivities, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
}
return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_LatestAdminActivity.cshtml", latestActivities);
}
/// <summary>
/// Invoices
/// </summary>
/// <param name="page">Page</param>
/// <param name="pageSize">Page Size</param>
/// <returns>List of invoices</returns>
public ActionResult Invoices(int page = 1, int pageSize = 10)
{
TempData["page"] = page;
TempData["pageSize"] = pageSize;
var objInvoiceAlerts = _obJobService.FindClosedMattersWithoutInvoice(page, pageSize);
if (Request.IsAjaxRequest())
{
return Json(new { invoiceAlerts = objInvoiceAlerts, page = page, pageSize = pageSize }, JsonRequestBehavior.AllowGet);
}
return PartialView("~/Areas/Admin/Views/Partials/Dashboard/_Invoices.cshtml", objInvoiceAlerts);
}
}
}
As far as you see there is no authorize attribute at all, and if I type the url manually logical I need to get to dashboard but instead that I am redirected to login page.
Here is my login action:
/// <summary>
/// Login action for post data
/// </summary>
/// <param name="userModel">User model object</param>
/// <param name="returnUrl">Return url</param>
/// <returns>View</returns>
[HttpPost]
[ValidateAntiForgeryToken]
[AllowAnonymous]
public async Task<ActionResult> Login(LoginViewModel userModel, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(userModel);
}
var _objApplicationUser = await _objUserService.FindUser(userModel.UserName, userModel.Password);
if (_objApplicationUser == null)
{
ModelState.AddModelError(string.Empty, UIStrings.STR_USER_EXISTS);
return View(userModel);
}
if (!_objApplicationUser.IsActive)
{
ModelState.AddModelError(string.Empty, UIStrings.STR_USER_NOT_ACTIVE);
return View(userModel);
}
await _objUserService.SignIn(HttpContext.GetOwinContext().Authentication, _objApplicationUser, userModel.RemeberMe);
string strUserId = _objApplicationUser.Id.ToString();
var objRoleForCurrentUser = _objUserService.FindUserById(strUserId);
if (objRoleForCurrentUser.Role == "Admin" || objRoleForCurrentUser.Role == "Junior")
{
if (!string.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl))
{
return Redirect(returnUrl);
}
else {
return RedirectToAction("Index", "Dashboard");
}
}
else
{
return RedirectToAction("Index", "Job", new { Page = 1, Take = 10 });
}
}
I am looking forward to hear from you if anyone has experienced this kind of problem.
I repeat myself this is case only for junior role not for other roles that exists in the system.
_objUserService contains methods for managing users and value of objRoleForCurrentUser is "Junior". User is logged in but instead of redirecting to dashboard I have been redirected to Login page.
Here is the code in sign in. It is default asp.net code for sign in:
var userIdentity = await _userManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
authManager.SignIn(new AuthenticationProperties
{
IsPersistent = rememberMe,
}, userIdentity);
Thank you.
Upvotes: 0
Views: 135
Answers (1)
Chris Pratt
Reputation: 239200
More likely than not, you have a child action being rendered in your layout, and that child action is decorated with Authorize or exists in a controller decorated with Authorize and doesn't allow the junior role. In general, you should not authorize a child action unless it is specifically meant to work with the user object, and then, in that case, you should also add [AllowAnonymous] so authorization isn't required.
Upvotes: 0
Related Questions
- ASP.NET Identity login
- Asp.net MVC Authentication issue
- ASP.NET Identity not set in login request
- ASP.NET Identity not authorizing properly
- ASP.NEt Identity Not working or registering
- Asp.net MVC 5 Identity Access
- MVC Asp.NET Identity Unknown Error Occurring
- ASP.NET Identity - Not Authorized Page
- asp net identity EF
- Error Message with ASP.NET Identity