CODEWITHSUNDEEP
c#asp.net-mvcasp.net-mvc-5
ThunD3eR
ThunD3eR

Reputation: 3456

How to mask 'ReturnUrl' in url?

I have a asp.net mvc project and when comming to the loginPage my url looks like:

http://localhost:63356/Account/Login?ReturnUrl=%2F

I don't want it to look like this, and in the routConfig file I've done this:

routes.MapRoute(
   name: "LogIn",
   url: "LogIn",
   defaults: new { controller = "Account", action = "Login" }
);

Which should make the url like this:

http://localhost:63356/Login

What am I missing?

EDIT:

The Login action:

[AllowAnonymous]
public ActionResult Login()
{
  return View();
}

EDIT 2: @pwas mentioned that this is being setup in the view so I altered it by removing the returnUrl paramater: 

<section role="main" id="login">
    <div class="panel center-block logInBlock" style="width:300px;">
        <div class="panel-heading loginHeadPadding"><h1>Logga in</h1></div>
        <div class="panel-body loginBodyPadding">

            @using (Html.BeginForm("Login", "Account", new {  }, FormMethod.Post, new { @class = "form-horizontal", role = "form" }))
            {
                @Html.AntiForgeryToken()
                <div class="form-group text-left">
                    @Html.LabelFor(m => m.UserName, "Användarnamn")
                    @Html.TextBoxFor(m => m.UserName, new { @class = "form-control", placeholder = "Användarnamn" })
                </div>
                <div class="form-group text-left">
                    @Html.LabelFor(m => m.Password, "Lösenord")
                    @Html.PasswordFor(m => m.Password, new { @class = "form-control", placeholder = "Lösenord" })
                </div>

                <input type="submit" value="Logga in" class="btn btn-primary btn-block" />

                @Html.ValidationSummary(true, "", new { @class = "text-danger" })
            }
        </div>
    </div>
</section>

Problem still remains

Upvotes: 0

Views: 676

Answers (1)

Peter B
Peter B

Reputation: 24187

In file Startup.Auth.cs the MVC template probably generated a block like this:

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    // ...
    LoginPath = new PathString("/Account/Login"),
    // ... more ...
});

Change it to this:

    LoginPath = new PathString("/Login"),

then it will work, combined with the route that you had defined already.


To get rid of the ReturnUrl= is a different matter, it is rather forcefully implemented by the ASP.NET authorization mechanism.
You can change the name to e.g. from= by putting this in the above block:

    ReturnUrlParameter = "from",

Setting it to "" does not remove it, just the name that is used will be empty. Also you'll have to make changes in several other places to make sure that the new name is used everywhere.

To remove it entirely there are various guides, but I believe most if not all involve redirecting or URL rewriting.

Upvotes: 1

Related Questions