1

Server Error in '/' Application. The anti-forgery cookie token and form field token do not match.

I have uploaded my project.After Release Its showing this error. Sometimes it login successfully for the first time but on the second attempt it gives this error.I have two two antiforgery token on same view page.

My Login modal as follows.

<div id="myModal" class="reveal-modal small" data-reveal aria-labelledby="modalTitle" aria-hidden="true" role="dialog">
        <h2><i class="social foundicon-torso"></i> <b>LOG <span style="color:#f47e00;">IN</span></b></h2>
        <hr />
        <br />
        @using (Html.BeginForm("Login", "Home", FormMethod.Post))
        {
            @Html.AntiForgeryToken()

            <div class="row">
                <div class="large-12 columns">
                    <label>
                        Enter Email Address
                        @Html.EditorFor(model => model.email, new { })
                    </label>
                </div>
                <div class="large-12 columns">
                    <label>
                        Enter Password
                        @Html.PasswordFor(model => model.password, new { })
                    </label>
                </div>
                <small>If you don't have a account click here to <a href="#" data-reveal-id="signup" style="color:#3b5998;;">Sign up</a></small>
            </div>
            <br />
            <hr />
            <button type="submit" class="button tiny right" style="color:white;margin-left:5px;">Login</button>
            <a href="#" class="button secondary tiny right close-reveal-modal" style="position:relative;    font-size: 0.6875rem;color:inherit;top:0;right:0;   font-weight: 300;" aria-label="Close">Cancel</a>}
        <a class="close-reveal-modal" aria-label="Close">&#215;</a>

    </div>

Login Code in the controller as follows

[HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult Login(users user)
        {

            var v = db.users.Where(modal => modal.email.Equals(user.email)).Where(modal => modal.password.Equals(user.password)).SingleOrDefault();
                if (v != null)
                {
                    //  ViewBag.Company = v;
                      Logout(user.email);

                      UserData(v.email, v.username, v.usersId, v.accountype,v.cinc,v.cell,v.dob, v.gender, v.country, v.city, v.mstatus, v.address, v.age);
                      return RedirectToAction("index");
                }
                return RedirectToAction("WrongPassword/0");
        }
  • 1
    Show the code for the controller please. –  Mar 27 '18 at 09:44
  • Please check I have posted the code. –  Mar 27 '18 at 09:46
  • 2
    Have you got more than one @Html.AntiforgeryToken on the page? I notice the view code you've shown is for a modal, is there another anti-forgery token included by the "parent" page or in _Layout.cshtml? I've had a similar problem when more than one token was included. – upsidedowncreature Mar 27 '18 at 10:01
  • Yes you are right. I have used more than one @Html.AntiforgeryToken on the page. –  Mar 27 '18 at 10:08
  • .I have used @Html.AntiforgeryToken for Sign up and Login in the same view. can you please tell the solution. –  Mar 27 '18 at 10:33
  • 1
    There is limited value in using anti forgery tokens for signup and login. They are very valuable **once** you have logged in, but of less value before then. – mjwills Mar 27 '18 at 10:39

0 Answers0