1

I'm using the ASP.NET Boilerplate framework to create an application with authorization but having trouble making it work.

The ajax method is calling the Login method and retrieving the correct data performing the success function and confirming: "Logged in!". (Only when the log-in information is correct, els it gives error).

I expected that the 'AuthenticationManager.SignIn' would take care of all the Login functionality (seems to be the case in the module-zero). But after logging in and going to a controller with [AbpMvcAuthorize] applied, I end up on a page informing me that I do not have permission to open the page.

Javascript:

(function () {
    $('#LoginButton').click(function (e) {
        e.preventDefault();
        abp.ui.setBusy(
            $('#LoginArea'),
            abp.ajax({
                url: abp.appPath + 'Account/Login',
                type: 'POST',
                    data: JSON.stringify({
                    usernameOrEmailAddress: $('#EmailAddressInput').val(),
                    password: $('#PasswordInput').val(),
                    rememberMe: $('#RememberMeInput').is(':checked')
                }),
                success: function (data) {
                    if (data != null) {
                        confirm(data);
                   }
                },
                error: function () {
                    confirm("Something went wrong. Try again later!");
                }
            })
        );
    });
})();

AccountController:

[HttpPost]
public async Task<JsonResult> Login(LoginViewModel loginModel, string returnUrl = "")
{
    try
    {
        if (!ModelState.IsValid)
        {
            throw new UserFriendlyException("Your form is invalid!");
        }

        var loginResult = await _userManager.LoginAsync(
            loginModel.UsernameOrEmailAddress,
            loginModel.Password,
            loginModel.TenancyName
        );

        switch (loginResult.Result)
        {
            case AbpLoginResultType.Success:
                break;
            case AbpLoginResultType.InvalidUserNameOrEmailAddress:
                ...
        }

        AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
        AuthenticationManager.SignIn(new AuthenticationProperties { 
            IsPersistent = loginModel.RememberMe }, loginResult.Identity);

        if (string.IsNullOrWhiteSpace(returnUrl))
        {
            returnUrl = Request.ApplicationPath;
        }
    }
    catch (UserFriendlyException ex)
    {
        return Json(ex.Message);
    }
    return Json("Logged in!");
}

Edit: After AuthenticationManager.Sign(..), I can see the logged in user information by loginResult.User. So I guess the login works but that something is wrong with [AbpMvcAuthorize]?

Sam
  • 1,303
  • 3
  • 23
  • 41

1 Answers1

1

It's very strange. How did you created your solution? From the template (http://www.aspnetboilerplate.com/Templates)? Because, it works normally in the template (see HomeController of the template: https://github.com/aspnetboilerplate/module-zero-template/blob/master/src/AbpCompanyName.AbpProjectName.WebSpaAngular/Controllers/HomeController.cs) So, can you compare with it?

hikalkan
  • 2,234
  • 15
  • 17
  • I made it from the ABP template and than added module-zero packages using nuget. I've been comparing the both for a long time now and still can not find the problem. Can I asume that "AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = loginModel.RememberMe }, loginResult.Identity);" fully takes care of all the necessary login functionality? – Sam Aug 13 '15 at 11:47
  • After AuthenticationManager.Sign(..), I can see the logged in user information by loginResult.User. So I guess the login works but that something is wrong with [AbpMvcAuthorize]? – Sam Aug 13 '15 at 11:57
  • I started from a clean template with module zero included and it worked. Thanks for your help! – Sam Aug 14 '15 at 09:34