0

I have setup a simple login with Forms Authentication that works fine on my localhost in an ASP.NET MVC app

I can access the login form an post it in live app.

But when I published the website into a live application on the web the Forms Authentication doesn't work. What am I doing wrong?

Here is my code:

<system.web>
        <authentication mode="Forms">
            <forms loginUrl="~/Home/Login" timeout="30" />
        </authentication>
</system.web>

Controller: 

    public ActionResult LoginUser(string username, string password)
    {
        if (ConfigurationManager.AppSettings["UserName"] == username && ConfigurationManager.AppSettings["Password"] == password)
        {
            FormsAuthentication.SetAuthCookie(username, false);

            return RedirectToAction("Index");
        }
        return RedirectToAction("Index");
    }

Javascript:

$("body").on("click", "#loginbutton", function (e) {

$("#loginbutton").attr("href", "/loginuser?username=" + $('[user]').attr('user') + "&password=" + $('[pass]').attr('pass'));

});

.cshtml:

@if (User.Identity.IsAuthenticated)
        {
            <div class="row">
                <div class="col-xs-12">
                    <a href="#uploadimage" class="md light btn-popup upload-cloud"><i class="fa fa-cloud-upload" id=""></i></a>
                </div>
            </div>
        }

Why does this not work in a live-application?

UPDATE:

I have foud now that it doesn't work on localhost also. The problem is @if (User.Identity.IsAuthenticated) What should I use instead to Authenticated user in my .cshtml files?

user3228992
  • 1,313
  • 1
  • 15
  • 29

1 Answers1

0

Maybe a silly answer but you do have the keys in your web.release.config and not only web.debug.config?

Can you see in the browsers devtools if you get an 500 or maybe 400 error back when trying to login? Could also be a routing problem.

Hypnobrew
  • 1,020
  • 8
  • 20
  • I have foud now that it doesn't work on localhost also. The problem is `@if (User.Identity.IsAuthenticated)` What should I use instead to Authenticated user in my .cshtml files? – user3228992 Apr 03 '16 at 20:18
  • This is because you are logging in with javascript. The FormsAuthentication.SetAuthCookie sends a cookie on the response, but the browser does not set the cookie until you reload the site. You have some related here: http://stackoverflow.com/questions/17642630/user-identity-isauthenticated-is-false-after-successful-login – Hypnobrew Apr 03 '16 at 20:22
  • I reload the site? `return RedirectToAction("Index");` – user3228992 Apr 03 '16 at 20:23
  • Sorry, missed that. Can you see after you tried to login if you have a formsauth-cookie set in the browser? – Hypnobrew Apr 03 '16 at 20:32
  • No, formsauth-cookie is not set – user3228992 Apr 03 '16 at 20:33
  • Then I think it something strange with your javascript. Usually when making an ajax-request it will set a cookie on the response. Not sure what you javascript is doing but it looks rather odd. Can you try to make a normal form-post to the controller to see if that works to begin with? – Hypnobrew Apr 03 '16 at 20:37