ReturnUrl When Clickign on LoginStatusControl
I have a .net .master page with a Telerik.Sitefinity.Web.UI.PublicControls.LoginStatusControl on it.
When a customer is on at ~/Home/news/a-a, I would like to be able to click on the LoginStatusControl and get a redirected to ~/signin?ReturnUrl=%4fHome/news/a-a. If they are at ~/home/news/tax, then I'd like them to get ~/signin?ReturnUrl=%4fhome/news/tax (etc.).
These are NOT protected resources and i don't want them to be protected, I just don't want a user to lose their place on our site when they have chosen to log in.
I create my login status control via another user control because I have to wrap it with a style div and I need to handle some other logic when the customer loggs out.
protected
override
void
OnLoad(EventArgs e)
base
.OnLoad(e);
pnlwrapper.CssClass = TopLevelElementCSSClass;
LoginStatusControl loginStatus =
new
LoginStatusControl();
loginStatus.LoginUrl =
"~/signin"
;
loginStatus.LoggedOut += loginStatus_LoggedOut;
pnlwrapper.Controls.Add(loginStatus);
void
loginStatus_LoggedOut(
object
sender, EventArgs e)
wulLogin.Logout();
SecurityManager.Logout();
Hi,
If you go with the approach for custom login control or page this is how to login a user in sitefintiy if you are using claims authentication. The authentication type can be checked in Administration->Settings->UserAuthentication
var authMode = Config.Get<SecurityConfig>().AuthenticationMode;
if
(Telerik.Sitefinity.Security.Configuration.AuthenticationMode.Forms == authMode)
//...
else
if
(Telerik.Sitefinity.Security.Configuration.AuthenticationMode.Claims == authMode)
HttpWebRequest tokenRequest = (HttpWebRequest)HttpWebRequest.Create(SitefinityClaimsAuthenticationModule.Current.GetIssuer());
tokenRequest.Headers.Add(
"deflate"
,
"true"
);
tokenRequest.Headers.Add(
"realm"
, SitefinityClaimsAuthenticationModule.Current.GetRealm());
tokenRequest.Headers.Add(
"wrap_name"
, username);
tokenRequest.Headers.Add(
"wrap_password"
, password);
HttpWebResponse issuerResponse = (HttpWebResponse)tokenRequest.GetResponse();
if
(HttpStatusCode.Unauthorized != issuerResponse.StatusCode)
//else authentication is failed
using
(StreamReader responseStream =
new
StreamReader(issuerResponse.GetResponseStream()))
string
token = responseStream.ReadToEnd();
Response.Redirect(
"~/MyAccount?"
+ token);
Make the necessary changes in username,password, the name of the project and the name of the redirect page and ets.
To log the user out you need to use the following line:
ClaimsManager.Logout();
Note that the auth cookie is created for a certain period of time then it is deleted. The default period is 2 hours. The timeout period for the cookies specified in Administration->Settings->Advanced->Security and find the text boxes.
AuthCookieTimeout or BackendUsersSessionTimeout if the user to be kept logged in should be kept also for longer.
If you are using Forms authentication please review the sample:
protected
void
Page_Load(
object
sender, EventArgs e)
var manager = UserManager.GetManager();
string
userName =
"UserB"
;
string
password =
"password"
;
if
(manager.ValidateUser(userName, password))
DateTime now = DateTime.UtcNow;
var user = manager.GetUser(userName);
user.IsLoggedIn =
true
;
user.LastLoginIp = SystemManager.CurrentHttpContext.Request.UserHostAddress;
user.LastLoginDate = now;
user.LastActivityDate = now;
var loginReason = SecurityManager.AuthenticateUser(UserManager.GetDefaultProviderName(), userName, password,
true
);
if
(loginReason == UserLoggingReason.UserAlreadyLoggedIn)
SecurityManager.Logout(UserManager.GetDefaultProviderName(), user.Id);
loginReason = SecurityManager.AuthenticateUser(UserManager.GetDefaultProviderName(), userName, password,
true
);
if
(loginReason == UserLoggingReason.Success)
manager.Provider.SuppressSecurityChecks =
true
;
manager.SaveChanges();
FormsAuthentication.SetAuthCookie(userName,
true
);
if
(Request[
"returnUrl"
] ==
null
)
Response.Redirect(String.Format(
"0://1/login-test"
, Request.Url.Scheme, Request.Url.Authority));
else
Response.Redirect(Request[
"returnUrl"
]);