Use session state to redirect user to homepage if already logged in
up vote
0
down vote
favorite
I have a login page and and a accounts controller with Login action. When I log in I get redirected to home page(which is good) but after logging in if I re visit the login page it shows the login form again (although I am logged in).
I tried check for session state values but every time I try to use it I get null reference error.
public ActionResult Login(string name, string password, string hash)
{
if (!string.IsNullOrWhiteSpace(name))
{
var user = _model.tblUsers.FirstOrDefault(x => x.username == name);
if (user != null)
{
if (user.powerLevel == 0)
{
Session["IsAdmin"] = (user.password == password);
Session["IsAuthor"] = null;
Session["IsUser"] = null;
}
else if (user.powerLevel == 1)
{
Session["IsAdmin"] = null;
Session["IsAuthor"] = (user.password == password);
Session["IsUser"] = null;
}
else if (user.powerLevel == 2)
{
Session["IsAdmin"] = null;
Session["IsAuthor"] = null;
Session["IsUser"] = (user.password == password);
}
else
{
return View("Login");
}
return RedirectToAction("Index","Posts");
}
}
return View("Login");
}
so if either of IsAdmin, IsAuthor, IsUser Session is set to true I want to get redirected to homepage. I tried check it with string.IsNullOrWhiteSpace but it doesnt work I always get false even if the Session is set to true
c# asp.net asp.net-mvc
add a comment |
up vote
0
down vote
favorite
I have a login page and and a accounts controller with Login action. When I log in I get redirected to home page(which is good) but after logging in if I re visit the login page it shows the login form again (although I am logged in).
I tried check for session state values but every time I try to use it I get null reference error.
public ActionResult Login(string name, string password, string hash)
{
if (!string.IsNullOrWhiteSpace(name))
{
var user = _model.tblUsers.FirstOrDefault(x => x.username == name);
if (user != null)
{
if (user.powerLevel == 0)
{
Session["IsAdmin"] = (user.password == password);
Session["IsAuthor"] = null;
Session["IsUser"] = null;
}
else if (user.powerLevel == 1)
{
Session["IsAdmin"] = null;
Session["IsAuthor"] = (user.password == password);
Session["IsUser"] = null;
}
else if (user.powerLevel == 2)
{
Session["IsAdmin"] = null;
Session["IsAuthor"] = null;
Session["IsUser"] = (user.password == password);
}
else
{
return View("Login");
}
return RedirectToAction("Index","Posts");
}
}
return View("Login");
}
so if either of IsAdmin, IsAuthor, IsUser Session is set to true I want to get redirected to homepage. I tried check it with string.IsNullOrWhiteSpace but it doesnt work I always get false even if the Session is set to true
c# asp.net asp.net-mvc
Please don't put plain text (or even hashed) passwords in your URL. That's extremely insecure.
– gunr2171
Nov 9 at 16:19
@gunr2171 dont worry. After I figure this out I will convert the password to sha256 using jquey and then send it to Action
– Danial Ahmed
Nov 9 at 16:20
Is this the post action of the controller? It seem you dont show us proper part of your code. What is the controller default action (index)?
– DanB
Nov 9 at 16:24
@DanielBlais yes this post action controller. I currently dont have anything index only working on /Login and /Logout
– Danial Ahmed
Nov 9 at 16:33
This is the post action of an form. You want to catch if the user is already logged (by checking the session). You have to check in the GET action that display that view/form, not in the POST action.
– DanB
Nov 9 at 16:35
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I have a login page and and a accounts controller with Login action. When I log in I get redirected to home page(which is good) but after logging in if I re visit the login page it shows the login form again (although I am logged in).
I tried check for session state values but every time I try to use it I get null reference error.
public ActionResult Login(string name, string password, string hash)
{
if (!string.IsNullOrWhiteSpace(name))
{
var user = _model.tblUsers.FirstOrDefault(x => x.username == name);
if (user != null)
{
if (user.powerLevel == 0)
{
Session["IsAdmin"] = (user.password == password);
Session["IsAuthor"] = null;
Session["IsUser"] = null;
}
else if (user.powerLevel == 1)
{
Session["IsAdmin"] = null;
Session["IsAuthor"] = (user.password == password);
Session["IsUser"] = null;
}
else if (user.powerLevel == 2)
{
Session["IsAdmin"] = null;
Session["IsAuthor"] = null;
Session["IsUser"] = (user.password == password);
}
else
{
return View("Login");
}
return RedirectToAction("Index","Posts");
}
}
return View("Login");
}
so if either of IsAdmin, IsAuthor, IsUser Session is set to true I want to get redirected to homepage. I tried check it with string.IsNullOrWhiteSpace but it doesnt work I always get false even if the Session is set to true
c# asp.net asp.net-mvc
I have a login page and and a accounts controller with Login action. When I log in I get redirected to home page(which is good) but after logging in if I re visit the login page it shows the login form again (although I am logged in).
I tried check for session state values but every time I try to use it I get null reference error.
public ActionResult Login(string name, string password, string hash)
{
if (!string.IsNullOrWhiteSpace(name))
{
var user = _model.tblUsers.FirstOrDefault(x => x.username == name);
if (user != null)
{
if (user.powerLevel == 0)
{
Session["IsAdmin"] = (user.password == password);
Session["IsAuthor"] = null;
Session["IsUser"] = null;
}
else if (user.powerLevel == 1)
{
Session["IsAdmin"] = null;
Session["IsAuthor"] = (user.password == password);
Session["IsUser"] = null;
}
else if (user.powerLevel == 2)
{
Session["IsAdmin"] = null;
Session["IsAuthor"] = null;
Session["IsUser"] = (user.password == password);
}
else
{
return View("Login");
}
return RedirectToAction("Index","Posts");
}
}
return View("Login");
}
so if either of IsAdmin, IsAuthor, IsUser Session is set to true I want to get redirected to homepage. I tried check it with string.IsNullOrWhiteSpace but it doesnt work I always get false even if the Session is set to true
c# asp.net asp.net-mvc
c# asp.net asp.net-mvc
edited Nov 9 at 16:19
asked Nov 9 at 16:17
Danial Ahmed
1068
1068
Please don't put plain text (or even hashed) passwords in your URL. That's extremely insecure.
– gunr2171
Nov 9 at 16:19
@gunr2171 dont worry. After I figure this out I will convert the password to sha256 using jquey and then send it to Action
– Danial Ahmed
Nov 9 at 16:20
Is this the post action of the controller? It seem you dont show us proper part of your code. What is the controller default action (index)?
– DanB
Nov 9 at 16:24
@DanielBlais yes this post action controller. I currently dont have anything index only working on /Login and /Logout
– Danial Ahmed
Nov 9 at 16:33
This is the post action of an form. You want to catch if the user is already logged (by checking the session). You have to check in the GET action that display that view/form, not in the POST action.
– DanB
Nov 9 at 16:35
add a comment |
Please don't put plain text (or even hashed) passwords in your URL. That's extremely insecure.
– gunr2171
Nov 9 at 16:19
@gunr2171 dont worry. After I figure this out I will convert the password to sha256 using jquey and then send it to Action
– Danial Ahmed
Nov 9 at 16:20
Is this the post action of the controller? It seem you dont show us proper part of your code. What is the controller default action (index)?
– DanB
Nov 9 at 16:24
@DanielBlais yes this post action controller. I currently dont have anything index only working on /Login and /Logout
– Danial Ahmed
Nov 9 at 16:33
This is the post action of an form. You want to catch if the user is already logged (by checking the session). You have to check in the GET action that display that view/form, not in the POST action.
– DanB
Nov 9 at 16:35
Please don't put plain text (or even hashed) passwords in your URL. That's extremely insecure.
– gunr2171
Nov 9 at 16:19
Please don't put plain text (or even hashed) passwords in your URL. That's extremely insecure.
– gunr2171
Nov 9 at 16:19
@gunr2171 dont worry. After I figure this out I will convert the password to sha256 using jquey and then send it to Action
– Danial Ahmed
Nov 9 at 16:20
@gunr2171 dont worry. After I figure this out I will convert the password to sha256 using jquey and then send it to Action
– Danial Ahmed
Nov 9 at 16:20
Is this the post action of the controller? It seem you dont show us proper part of your code. What is the controller default action (index)?
– DanB
Nov 9 at 16:24
Is this the post action of the controller? It seem you dont show us proper part of your code. What is the controller default action (index)?
– DanB
Nov 9 at 16:24
@DanielBlais yes this post action controller. I currently dont have anything index only working on /Login and /Logout
– Danial Ahmed
Nov 9 at 16:33
@DanielBlais yes this post action controller. I currently dont have anything index only working on /Login and /Logout
– Danial Ahmed
Nov 9 at 16:33
This is the post action of an form. You want to catch if the user is already logged (by checking the session). You have to check in the GET action that display that view/form, not in the POST action.
– DanB
Nov 9 at 16:35
This is the post action of an form. You want to catch if the user is already logged (by checking the session). You have to check in the GET action that display that view/form, not in the POST action.
– DanB
Nov 9 at 16:35
add a comment |
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53229483%2fuse-session-state-to-redirect-user-to-homepage-if-already-logged-in%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Please don't put plain text (or even hashed) passwords in your URL. That's extremely insecure.
– gunr2171
Nov 9 at 16:19
@gunr2171 dont worry. After I figure this out I will convert the password to sha256 using jquey and then send it to Action
– Danial Ahmed
Nov 9 at 16:20
Is this the post action of the controller? It seem you dont show us proper part of your code. What is the controller default action (index)?
– DanB
Nov 9 at 16:24
@DanielBlais yes this post action controller. I currently dont have anything index only working on /Login and /Logout
– Danial Ahmed
Nov 9 at 16:33
This is the post action of an form. You want to catch if the user is already logged (by checking the session). You have to check in the GET action that display that view/form, not in the POST action.
– DanB
Nov 9 at 16:35