WebSecurity.Login not working

Question

I'm having a problem with my Custom Membership provider, which extends ExtendedMembershipProvider.

After Running WebSecurity.Login, which successfully executes my Implemented Validate method, the User.Identity.IsAuthenticated is not set.

But Inspecting the WebSecurity.IsAuthenticated, it's true. Also, the CurrentUserName is set witrh my user name,. but the CurrentUserId says "An exception has been thrown."

If I inspect the exception and, after having checked the code, I discovered that the GetUser(string username, bool isUserOnline) method of my Provider, is receveing the username param as null...

Answer 1

I just discovered my problem. On my Login Action of my Controller, I was returning a view. As I understand, I had to RedirectToAction because User is set after doing a request.

This is what I had:

public ActionResult Index(LoginModel model)
{
    if (ModelState.IsValid)
    {
        WebSecurity.Login(model.Email, model.Password, model.RememberMe)
    }

    return View(model);
}

This is what I have now, and works:

public ActionResult Index(LoginModel model)
{
    if (ModelState.IsValid && WebSecurity.Login(model.Email, model.Password, model.RememberMe))
    {
        return RedirectToAction("Index", "Home");
    }

    return View(model);
}

Answer 2

I had the same issue. In my case session was not created because, it was set to different domain. Please changed it or remove the domain in your web.config file as given below.

 <authentication mode="Forms">
      <forms name="test" loginUrl="/login" protection="All" path="/" domain=".xxxx.xx" />
 </authentication>