Asp.net core application not logging in on remote connections

Question

I have an asp.net core application, I have been developing and testing on my local machine as well as mobile devices that are connected to the same network.

On the host machine, I can interact with the application with no problem, I can log in and register but on my connected mobile devices I can interact with the application but when I try to log in. I enter the correct account details but I am not logged in. No error shows up and I am redirected to the home page without being logged in.

When I debug it shows that the account details are sent to the application from the device and the PasswordSignInAsync method returns success and it should redirect. No errors are thrown on the server. I also don't see any error on the client-side.

Could I be missing something on why I can log in on the host machine and not on devices that are connected to the same network.

Any help will be appreciated.

Edit:

AccountController looks like this

[HttpGet]
        public IActionResult Login(string returnUrl)
        {
            return View(new LoginViewModel {
                ReturnUrl = returnUrl
            });
        }


        [HttpPost]
        public async Task<IActionResult> Login(LoginViewModel loginViewModel)
        {
            if (!ModelState.IsValid)
            {
                return View(loginViewModel);
            }

            var user = await _userManager.FindByEmailAsync(loginViewModel.Email);

            if (user != null)
            {

                var result = await _signInManager.PasswordSignInAsync(user, loginViewModel.Password, false, false);

                if (result.Succeeded)
                {
                    if (string.IsNullOrEmpty(loginViewModel.ReturnUrl))
                    {

                        return RedirectToAction("Index", "Home");
                    }
                    else
                    {
                        //parse the return url
                        var parsedString = loginViewModel.ReturnUrl.Split('/');
                        string controller = parsedString[1];
                        string action = parsedString[2];
                        return RedirectToAction(action, controller);
                    }
                }
            }
            ModelState.AddModelError("", "Username/Password was not found");
            return View(loginViewModel);
        }

The Startup.cs's configure method looks like this

        public void ConfigureServices(IServiceCollection services)
        {

            services.AddIdentity<ApplicationUser, IdentityRole>(opt => { 
                opt.Password.RequireDigit = false; 
                opt.Password.RequiredLength = 8; 
                opt.Password.RequireNonAlphanumeric = false;
                opt.User.RequireUniqueEmail = true;
            }).AddEntityFrameworkStores<AppDbContext>();

            services.AddIdentityCore<ApplicationUser>().AddEntityFrameworkStores<AppDbContext>();
            services.ConfigureApplicationCookie(options =>
            {
                // Cookie settings
                options.Cookie.HttpOnly = true;
                options.ExpireTimeSpan = TimeSpan.FromMinutes(5);
                options.LoginPath = "/Account/Login";
                options.SlidingExpiration = true;
            });

            services.AddDbContext<AppDbContext>(options =>   options.UseSqlServer(_configurationRoot.GetConnectionString("DefaultConnection")),ServiceLifetime.Transient);
            services.AddScoped<Checkout>();
            services.AddScoped<CurrentCurrency>();
            services.AddHttpClient();
            services.AddSignalR();
            services.AddAuthentication();
            services.AddMvc(option => option.EnableEndpointRouting = false);
            services.AddMemoryCache();
            services.AddHttpContextAccessor();
            services.AddSession();
            services.AddLiveReload();
            services.Configure<PaynowAccountDetails>(Configuration.GetSection("Paynow"));
            services.Configure<PaynowUsdAccountDetails>(Configuration.GetSection("PaynowUSD"));

        }

And the configure looks like this

public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IServiceProvider serviceProvider)
        {
            if (env.IsDevelopment())
            {
                app.UseLiveReload();
                app.UseDeveloperExceptionPage();
                app.UseStatusCodePages();
                app.UseStaticFiles();
                app.UseSession();
                app.UseAuthentication();


                DbInitializer.Seed(serviceProvider);
                app.UseMvc(routes =>
                {
                    routes.MapRoute(name: "categoryFileter", template: "unitItem/{action}/{category?}", defaults: new { Controller = "unitItem", Action = "List" });
                    routes.MapRoute(name: "default", template: "{controller=Home}/{action=index}/{id?}");
                });



            }

            app.UseRouting();


            app.UseMvc(routes =>
            {
                routes.MapRoute(name: "categoryFileter", template: "unitItem/{action}/{category?}", defaults: new { Controller = "unitItem", Action = "List" });
                routes.MapRoute(name: "default", template: "{controller=Home}/{action=index}/{id?}");
            });


            app.UseEndpoints(endpoints =>
            {
                endpoints.MapHub<SignalServer>("/signalserver");
            });

        }
    }
}

The login View is almost all HTML with reference to validation.js script file.

Running the application on visual studio and using Conveyor by Keyoti to be able to access the application over the network.

Edit 2: The issue completely disappears if i access the application using Conveyor over the internet.

Does the issue only occurs while accessing from mobile devices? — Fei Han, Mar 19 '21 at 07:59
You say you get "redirected to the home page without being logged in" - but how do you know you're not logged in? — Xerillio, Mar 19 '21 at 21:05
@FeiHan as far as I have noticed, its only mobile devices, have not tested on another desktop computer. — Paul Gudu, Mar 20 '21 at 09:04
@Xerillio the login button still appears it is supposed to change to logout when the user is logged in. And also dont have access to the logged in user features. — Paul Gudu, Mar 20 '21 at 09:06
@PaulGudu would have to see a [mre] to be able to have a better guess. Are you using cookie authentication? Is the cookie domain set correctly? Does the device actually receive a cookie? And does it send the cookie back again? — Xerillio, Mar 20 '21 at 13:53
@Xerillio sorry for the late response. I have edited the question. Feel free to ask for more information that will help you answer my question. — Paul Gudu, Mar 24 '21 at 18:22
@PaulGudu did you check if the cookie is being sent back and forth? If you use a PC rather than a phone you can check the browser's DevTools (F12) to see if the request and response contains a cookie - both for the login and for other actions you do. — Xerillio, Mar 24 '21 at 19:35
@Xerillio i don't have a PC connected to the same network I am accessing using my phone. How can check it on a phone browser? — Paul Gudu, Mar 24 '21 at 19:37
@PaulGudu Perhaps [this answer](https://stackoverflow.com/questions/36101403/how-do-i-extract-and-view-cookies-from-android-chrome) can help - I haven't tried. Otherwise I suggest trying to debug from the web application and inspect requests and responses. — Xerillio, Mar 24 '21 at 20:27
@Xerillio ok what if we assume that the cookie is not being sent back what could be the cause of the problem and how can I fix it? — Paul Gudu, Mar 24 '21 at 20:35
@PaulGudu Could be that the cookie domain needs to be set properly or expiration date is already expired when the device receives it (clock skew perhaps). I can only guess unfortunately :) I'm still wondering about the "redirected to the home page" part... Which URL are you entering into the browser on the phone? — Xerillio, Mar 24 '21 at 21:00

Asp.net core application not logging in on remote connections

0 Answers0