ReturnUrl When Clickign on LoginStatusControl
I have a .net .master page with a Telerik.Sitefinity.Web.UI.PublicControls.LoginStatusControl on it.
When a customer is on at ~/Home/news/a-a, I would like to be able to click on the LoginStatusControl and get a redirected to ~/signin?ReturnUrl=%4fHome/news/a-a. If they are at ~/home/news/tax, then I'd like them to get ~/signin?ReturnUrl=%4fhome/news/tax (etc.).
These are NOT protected resources and i don't want them to be protected, I just don't want a user to lose their place on our site when they have chosen to log in.
I create my login status control via another user control because I have to wrap it with a style div and I need to handle some other logic when the customer loggs out.
protected override void OnLoad(EventArgs e) base.OnLoad(e); pnlwrapper.CssClass = TopLevelElementCSSClass; LoginStatusControl loginStatus = new LoginStatusControl(); loginStatus.LoginUrl = "~/signin"; loginStatus.LoggedOut += loginStatus_LoggedOut; pnlwrapper.Controls.Add(loginStatus);void loginStatus_LoggedOut(object sender, EventArgs e) wulLogin.Logout(); SecurityManager.Logout();Hi,
If you go with the approach for custom login control or page this is how to login a user in sitefintiy if you are using claims authentication. The authentication type can be checked in Administration->Settings->UserAuthentication
var authMode = Config.Get<SecurityConfig>().AuthenticationMode; if (Telerik.Sitefinity.Security.Configuration.AuthenticationMode.Forms == authMode) //...else if (Telerik.Sitefinity.Security.Configuration.AuthenticationMode.Claims == authMode) HttpWebRequest tokenRequest = (HttpWebRequest)HttpWebRequest.Create(SitefinityClaimsAuthenticationModule.Current.GetIssuer()); tokenRequest.Headers.Add("deflate", "true"); tokenRequest.Headers.Add("realm", SitefinityClaimsAuthenticationModule.Current.GetRealm()); tokenRequest.Headers.Add("wrap_name", username); tokenRequest.Headers.Add("wrap_password", password); HttpWebResponse issuerResponse = (HttpWebResponse)tokenRequest.GetResponse(); if (HttpStatusCode.Unauthorized != issuerResponse.StatusCode) //else authentication is failed using (StreamReader responseStream = new StreamReader(issuerResponse.GetResponseStream())) string token = responseStream.ReadToEnd(); Response.Redirect("~/MyAccount?" + token); Make the necessary changes in username,password, the name of the project and the name of the redirect page and ets.
To log the user out you need to use the following line:
ClaimsManager.Logout(); Note that the auth cookie is created for a certain period of time then it is deleted. The default period is 2 hours. The timeout period for the cookies specified in Administration->Settings->Advanced->Security and find the text boxes.
AuthCookieTimeout or BackendUsersSessionTimeout if the user to be kept logged in should be kept also for longer.
If you are using Forms authentication please review the sample:
protected void Page_Load(object sender, EventArgs e) var manager = UserManager.GetManager(); string userName = "UserB"; string password = "password"; if (manager.ValidateUser(userName, password)) DateTime now = DateTime.UtcNow; var user = manager.GetUser(userName); user.IsLoggedIn = true; user.LastLoginIp = SystemManager.CurrentHttpContext.Request.UserHostAddress; user.LastLoginDate = now; user.LastActivityDate = now; var loginReason = SecurityManager.AuthenticateUser(UserManager.GetDefaultProviderName(), userName, password, true); if (loginReason == UserLoggingReason.UserAlreadyLoggedIn) SecurityManager.Logout(UserManager.GetDefaultProviderName(), user.Id); loginReason = SecurityManager.AuthenticateUser(UserManager.GetDefaultProviderName(), userName, password, true); if (loginReason == UserLoggingReason.Success) manager.Provider.SuppressSecurityChecks = true; manager.SaveChanges(); FormsAuthentication.SetAuthCookie(userName, true); if (Request["returnUrl"] == null) Response.Redirect(String.Format("0://1/login-test", Request.Url.Scheme, Request.Url.Authority)); else Response.Redirect(Request["returnUrl"]);