Identity 2.0 After Login go to Infinite Loop asp.net mvc 5

631 views Asked by At

I have added email confirmation process like below:

 var code = await _users.GenerateEmailConfirmationTokenAsync(model.UserName);
            var callbackUrl = Url.Action(
               "ConfirmEmail", "Account",
               new { username = model.UserName, code = code },
               protocol: Request.Url.Scheme);

then confirm email with below code:

public async Task ConfirmationEmailAsync(CmsUser user, string token)
    {
        var provider = new DpapiDataProtectionProvider(WebConfigurationManager.AppSettings["AppName"].ToString());
        _manager.UserTokenProvider = new DataProtectorTokenProvider<CmsUser>(
        provider.Create("EmailConfirmation"));

        await _manager.ConfirmEmailAsync(user.Id, token);
    }

after that I will login it will go to infinite loop.

http://localhost:3214/account/login?ReturnUrl=%2Faccount%2Flogin%3FReturnUrl%3D%252Faccount%252Flogin%253FReturnUrl%253D%25252Faccount%25252Flogin%25253FReturnUrl%25253D%2525252Faccount%2525252Flogin%2525253FReturnUrl%2525253D%252525252Faccount%252525252Flogin%252525253FReturnUrl%252525253D%25252525252Faccount%25252525252Flogin%25252525253FReturnUrl%25252525253D%2525252525252Faccount%2525252525252Flogin%2525252525253FReturnUrl%2525252525253D%252525252525252Faccount%252525252525252Flogin%25252525252525...

Here, I have calling below method:

 public async Task<string> GenerateEmailConfirmationTokenAsync(CmsUser user)
    {
        var provider = new DpapiDataProtectionProvider(WebConfigurationManager.AppSettings["AppName"].ToString());
        _manager.UserTokenProvider = new DataProtectorTokenProvider<CmsUser>(
        provider.Create("EmailConfirmation"));

        return await _manager.GenerateEmailConfirmationTokenAsync(user.Id);
    }
1

There are 1 answers

0
Yeldar Kurmangaliyev On

The problem is not about your Generate EMail action. It is about your authentication.

Probably, your Login action in Account controller is requiring authorization. For instance, you can have AuthorizeAttribute on an action or a controller. Maybe, it's a global filter or something's wrong with Web.config.

Anyway, that's what actually happens:

  1. User tries to access your Generate EMail method
  2. He is unauthorized. Then, he is redirected to Account / Login method.
  3. This method requires authorization. Goto 2.

You need to review your authentication, debug it and find the basic problem before you continue implementing your EMail confirmation.