0

In my controller I have a login method. There I check credentials and if everything is ok call

FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

It works but if I immediately check

this.User.Identity.IsAuthenticated

inside a controller I see that it is still false. I need to refresh a page to see that user is indeed authenticated. Is there a possibility to make user authenticated immediately, during the same request? Other partial views which are rendered after depend on it.

In web forms development I would call something like 

RedirectFromLoginPage

but here it is inside partial view rendered from a layout file, I can't redirect from there.

tereško
  • 58,060
  • 25
  • 98
  • 150
ElDog
  • 1,230
  • 1
  • 10
  • 21
  • Why can't you redirect? You are inside a controller method. You should be able to return `RedirectToAction()` – Jan Nov 07 '12 at 16:17
  • My logon view is a partial view being rendered inside layout file. I tried to do RedirectToAction() but get an exception. Can't check it this very moment, maybe it was "Child actions are not allowed to perform redirect actions". – ElDog Nov 07 '12 at 16:28
  • That means, you login action is called by RenderAction? Can't you just post your login form to a standard action method? – Jan Nov 07 '12 at 16:58
  • I'm new to mvc as you have probably already realized :-) So it is a bit hard for me to answer your question. I have _layout.cshtml file which needs to contain logon controls shown on the top of every page (or logged in user name). Inside _layout.cshtml I call @Html.Action("LogOn", "Account") it's not RenderAction. – ElDog Nov 07 '12 at 17:06
  • Ok, the LogOn action renders a LogOn view with the login form, right? Now tell me, how that LogOn view calls the action where you call `FormsAuthentication.SetAuthCookie`? – Jan Nov 07 '12 at 21:07
  • – ElDog Nov 07 '12 at 21:32
  • Can you show more code? At least the view with your login form and the action method that gets called? I don't see a partial action here. – Jan Nov 07 '12 at 21:44
  • Ok, in a controller there is a method ActionResult LogOn() which returns a view as usual. And another one [HttpPost] [AllowAnonymous] public ActionResult LogOn(LogOnModel model, string returnUrl) which receives posted information and performs logon. returnUrl is not used now. – ElDog Nov 08 '12 at 08:26

1 Answers1

1

The call FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe); sets an encrypted authentication cookie. Because this is a cookie, the call for IsAuthenticated is not immediate as the user has to make another request to the server in order for the cookie to be sent to/from the client.

Tommy
  • 39,592
  • 10
  • 90
  • 121
  • Good explanation, but no solution proposed :-) – ElDog Nov 07 '12 at 21:35
  • You have to redirect from your HTTPPOST login action. Not from inside the view. There is no option to 'authenticate the user immediately' – Tommy Nov 07 '12 at 21:56
  • This answer helped me to resolve a pb: http://stackoverflow.com/a/5444079/1025581 Your answer is obviously true so I mark it. – ElDog Nov 12 '12 at 13:10