2
Answers

Too many redirects error in MVC application

Pravin Ghadge

Pravin Ghadge
6y
32k
1
Hi All,
 
I am getting Too many redirects error in my MVC application.
 
I have kept the debugger in SessionExpire Attribute filter , here debugger goes in loop.
 
This error is occuring from implementation of Cookie in my project.
 
My requirement is to keep User session alive until user log out.
 
My Code:
 
Account Controller:
  1. [HttpGet]  
  2.         [AllowAnonymous]  
  3.         [SessionExpire]  
  4.         public ActionResult Login(string returnUrl)  
  5.         {  
  6.             HttpContext.Request.IsAjaxRequest();  
  7.             AccountModel userLoginModel = new AccountModel();  
  8.             string cookieName = "MyCookie";  
  9.             HttpCookie authCookie = System.Web.HttpContext.Current.Request.Cookies[cookieName];  
  10.             if (authCookie != null)  
  11.             {  
  12.                 if (!string.IsNullOrEmpty(authCookie.Value))  
  13.                 {  
  14.                     FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);  
  15.                     if (authTicket.IsPersistent)  
  16.                     {  
  17.                         userLoginModel.UserName = authTicket.Name;  
  18.                         userLoginModel.RememberMe = authTicket.IsPersistent;  
  19.                         userLoginModel.Password = authTicket.UserData;  
  20.                     }  
  21.                     if (User.Identity.IsAuthenticated)  
  22.                     {  
  23.                         string UserID = GetLoggedInUserData();  
  24.                         //List<clsEntity_User> UserEntity = GetLoggedInUserData();  
  25.                         if (UserID != string.Empty)  
  26.                         {  
  27.                             System.Web.HttpContext.Current.Session["userID"] = UserID;  
  28.                             //string userID = UserEntity[0].UserID.ToString();  
  29.                             //SessionValue.SetLoginData(userID, userRole, userEmail, userBusinessGroupIDs, userLocationIDs);  
  30.                             //UserEntity = null;  
  31.                         }  
  32.                         return RedirectToAction("Index""Home");  
  33.                     }  
  34.   
  35.                 }  
  36.             }  
  37.             return View();  
  38.         }  
  39.   
  40.         [HttpPost]  
  41.         [AllowAnonymous]  
  42.         [ValidateAntiForgeryToken]  
  43.         public ActionResult Login(AccountModel oModel, string returnUrl)  
  44.         {  
  45.             string responseMessage = string.Empty;  
  46.             string UserName = oModel.UserName;  
  47.             string Password = oModel.Password;  
  48.   
  49.             if (ValidateUser(UserName, Password, ref responseMessage))  
  50.             {  
  51.                 FormsAuthentication.SetAuthCookie(oModel.UserName, oModel.RememberMe);  
  52.   
  53.                 int timeout = oModel.RememberMe ? 7 : 1;  
  54.                 FormsAuthenticationTicket authTicket = new  
  55.                                             FormsAuthenticationTicket(1, //version  
  56.                                            oModel.UserName, // user name  
  57.                                             DateTime.Now,             //creation  
  58.                                             DateTime.Now.AddDays(timeout), //Expiration (you can set it to 1 month  
  59.                                             oModel.RememberMe,  //Persistent  
  60.                                             oModel.Password); // additional informations  
  61.   
  62.   
  63.                 string encryptedTicket = System.Web.Security.FormsAuthentication.Encrypt(authTicket);  
  64.                 HttpCookie authCookie = new HttpCookie("MyCookie", encryptedTicket);  
  65.                 if (oModel.RememberMe)  
  66.                 {  
  67.                     authCookie.Expires = authTicket.Expiration;  
  68.                 }  
  69.                 else  
  70.                 { authCookie.Expires = authTicket.Expiration; }  
  71.   
  72.   
  73.                 authCookie.HttpOnly = true;  
  74.                 System.Web.HttpContext.Current.Response.Cookies.Add(authCookie);  
  75.                 FormsIdentity identity = new FormsIdentity(authTicket);  
  76.                 string UserID = GetLoggedInUserData();  
  77.                 if (UserID != string.Empty)  
  78.                 {  
  79.                     System.Web.HttpContext.Current.Session["userID"] = UserID;  
  80.                     //SessionValue.SetLoginData(userID, userRole, userEmail, userBusinessGroupIDs, userLocationIDs);  
  81.                     //UserEntity = null;  
  82.                 }  
  83.                 return RedirectToAction("Index""Home");  
  84.             }  
  85.             else  
  86.             {  
  87.                 ViewBag.Error = true;  
  88.                 ViewBag.Message = responseMessage;  
  89.                 return View();  
  90.             }  
  91.         }  
 
SessionExpire 
 
  1. [AttributeUsage(AttributeTargets.Method, Inherited = true, AllowMultiple = false)]  
  2. public class SessionExpireAttribute : ActionFilterAttribute  
  3. {  
  4.       
  5.     public override void OnActionExecuting(ActionExecutingContext filterContext)  
  6.     {  
  7.         HttpContext context = HttpContext.Current;  
  8.         if (context.Session != null)  
  9.         {  
  10.             if (context.Session.IsNewSession == true)  
  11.             {  
  12.                 string sessionCookie = context.Request.Headers["Cookie"];  
  13.   
  14.                 if ((sessionCookie != null) && (sessionCookie.IndexOf("ASP.NET_SessionId_My") >= 0))  
  15.                 {  
  16.                     // FormsAuthentication.SignOut();  
  17.                     string redirectTo = "~/Account/Login";  
  18.                     if (!string.IsNullOrEmpty(context.Request.RawUrl))  
  19.                     {  
  20.                         filterContext.HttpContext.Response.Redirect(FormsAuthentication.LoginUrl);  
  21.   
  22.                         //redirectTo = string.Format("~/Home/Login?ReturnUrl={0}", HttpUtility.UrlEncode(context.Request.RawUrl));  
  23.                         // filterContext.Result = new RedirectResult(redirectTo);  
  24.                         return;  
  25.                     }  
  26.   
  27.                 }  
  28.             }  
  29.         }  
  30.   
  31.         base.OnActionExecuting(filterContext);  
  32.     }  
  33. }  
 

Attachment: SessionWithCookie.zip

Answers (2)
Next Recommended Forum