Asp.net core Identity successful login redirecting back to login page

c# asp.net asp.net-core asp.net-core-identity
11,570

Solution 1

In order to get the ASP.NET Core pipeline to recognise that a user is signed in, a call to UseAuthentication is required in the Configure method of your Startup class, like so:

app.UseAuthentication();
app.UseMvc(); // Order here is important (explained below).

Using the Cookies authentication scheme, the use of UseAuthentication loosely performs the following:

  • Reads the content of the .AspNetCore.Identity.Application cookie from the request, which represents the identity of the user making the request.
  • Populates the User property of HttpContext with a ClaimsPrincipal that represents said user.

This is a simplified explanation of what happens, but it highlights the important job that the authentication middleware performs. Without the authentication middleware, the .AspNetCore.Identity.Application will not be used for authenticating the user and therefore the user will not be authenticated. In your case, although the user has signed in (i.e. the cookie is being set), the pipeline middleware (e.g. MVC) does not see this user (i.e. the cookie is not being read) and so sees an unauthenticated request and redirects again for login.

Given that the authentication middleware reads the cookie and subsequently populates the ClaimsPrincipal, it should be clear that the UseAuthentication call must also be before the UseMvc call in order for this to occur in the correct order. Otherwise, the MVC middleware runs before the Authentication middleware and will not be working with a populated ClaimsPrincipal.

Why is it failing to login if you don't add the middleware that handles the login?!?

The middleware doesn't handle the login - it handles the authentication process. The user has logged in, which is confirmed by the presence of the .AspNetCore.Identity.Application cookie. What is failing here is the reading of said cookie.

Solution 2

Note that the order is IMPORTANT. I had these reversed and experienced the exact same problem the original poster experienced. Hours wasted before I figured this out...

    app.UseAuthentication();
    app.UseAuthorization();

Solution 3

In addition to @Kirk Larkin answer if you use .net core 3 (in this time is preview version)

put your "app.UseEndpoints" in startup.cs to end of the code block.

for example it should be in this order

        app.UseAuthentication();
        app.UseAuthorization();

        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllerRoute(
                name: "default",
                pattern: "{controller=Home}/{action=Index}/{id?}");
            endpoints.MapRazorPages();
        });

Solution 4

app.UseAuthentication(); app.UseMvc();

This was already in my code.However I was facing same issue. But the problem was with the Chrome browser on my case.It was working with other browser like mozilla. It starts to work on Chrome too, after i cleared all the cookies and cashes.

Solution 5

I had to do a couple of these solutions.

First, I had app.UseAuthentication(); and app.UseAuthorization(); in the incorrect order.

Second, After making the adjustment to startup.cs I was still experiencing the same problem. Doing a hard refresh a few times fixed it (can also just clear the browser cache).

Share:
11,570
Jero
Author by

Jero

Updated on July 15, 2022

Comments

  • Jero
    Jero almost 2 years

    I have a problem where the asp.net identity framework is redirecting the user back to the login page after they have logged in successfully.

    This is using the standard Asp.net Core Identity. It is the version 2.1.1. The scaffolding that generates the razor pages. Not sure if that is significant.

    I know the user is successfully logging in because I get the log message

    ...Areas.Identity.Pages.Account.LoginModel: Information: User logged in.

    But then it redirects straight back to the login page.

    If I use fiddler I can see that there is a cookie on the request so it all looks good from that perspective.

    .AspNetCore.Identity.Application=CfDJ8KJxkuir9ZJIjFLCU2bzm9n6X...

    So I guess the middleware that is handling the authentication but not accepting the cookie?

    If I could see what the actual middleware for the auth was doing I might have an idea but I can't find it.

    Any help appreciated

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Role Claims in ASP.NET Core Identity compared to Role Permissions in custom auth
Unable to resolve service for type 'Microsoft.AspNetCore.Identity.UserManager` while attempting to activate 'AuthController'
Is This How to Create a Data Transfer Object (DTO) with Entity Framework Core & ASP.NET Core MVC 2.2+ and 3.0
How do I get a reference to an IHostedService via Dependency Injection in ASP.NET Core?
Where does the ASP.NET Core logging API as default store logs?
ASP.NET Core 2.1 - Error Implementing MemoryCache
xUnit - Display test names for theory memberdata (TestCase)
launchSettings.json launchUrl doesn't work "api/values"
How to pass a URL input parameter value to Blazor page?
How do I target .NET Standard 2.0 in a freshly created .NET Core 2.0 web app?