More in this section

Forums / Developing with Sitefinity / ReturnUrl When Clickign on LoginStatusControl

ReturnUrl When Clickign on LoginStatusControl

2 posts, 0 answered
  1. Joel
    Joel avatar
    40 posts
    Registered:
    30 Nov 2010
    10 Dec 2012
    Link to this post
    I have a .net .master page with a Telerik.Sitefinity.Web.UI.PublicControls.LoginStatusControl on it.

    When a customer is on at ~/Home/news/a-a, I would like to be able to click on the LoginStatusControl and get a redirected to ~/signin?ReturnUrl=%4fHome/news/a-a. If they are at ~/home/news/tax, then I'd like them to get ~/signin?ReturnUrl=%4fhome/news/tax (etc.).

    These are NOT protected resources and i don't want them to be protected, I just don't want a user to lose their place on our site when they have chosen to log in.

    I create my login status control via another user control because I have to wrap it with a style div and I need to handle some other logic when the customer loggs out.

    protected override void OnLoad(EventArgs e) {
        base.OnLoad(e);
     
        pnlwrapper.CssClass = TopLevelElementCSSClass;
        LoginStatusControl loginStatus = new LoginStatusControl();
        loginStatus.LoginUrl = "~/signin";
        loginStatus.LoggedOut += loginStatus_LoggedOut;
        pnlwrapper.Controls.Add(loginStatus);
     
    }
     
    void loginStatus_LoggedOut(object sender, EventArgs e) {
        wulLogin.Logout();
        SecurityManager.Logout();
    }

    Thank you very much!
    Joel
  2. Stefani Tacheva
    Stefani Tacheva avatar
    718 posts
    Registered:
    31 May 2017
    13 Dec 2012
    Link to this post
    Hi,

    If you go with the approach for custom login control or page this is how to login a user in sitefintiy if you are using claims authentication. The authentication type can be checked in Administration->Settings->UserAuthentication

    var authMode = Config.Get<SecurityConfig>().AuthenticationMode;
           
    if (Telerik.Sitefinity.Security.Configuration.AuthenticationMode.Forms == authMode)
    {
         //...
    }
    else if (Telerik.Sitefinity.Security.Configuration.AuthenticationMode.Claims == authMode)
    {
        HttpWebRequest tokenRequest = (HttpWebRequest)HttpWebRequest.Create(SitefinityClaimsAuthenticationModule.Current.GetIssuer());
        tokenRequest.Headers.Add("deflate", "true");
        tokenRequest.Headers.Add("realm", SitefinityClaimsAuthenticationModule.Current.GetRealm());
        tokenRequest.Headers.Add("wrap_name", username);
        tokenRequest.Headers.Add("wrap_password", password);
           
        HttpWebResponse issuerResponse = (HttpWebResponse)tokenRequest.GetResponse();
        if (HttpStatusCode.Unauthorized != issuerResponse.StatusCode) //else authentication is failed
        {
            using (StreamReader responseStream = new StreamReader(issuerResponse.GetResponseStream()))
            {
                string token = responseStream.ReadToEnd();
                Response.Redirect("~/MyAccount?" + token);
            }
        }
    }

    Make the necessary changes in username,password, the name of the project and the name of the redirect page and ets.

    To log the user out you need to use the following line:

    ClaimsManager.Logout();

    Note that the auth cookie is created for a certain period of time then it is deleted. The default period is 2 hours. The timeout period for the cookies specified in Administration->Settings->Advanced->Security and find the text boxes.
    AuthCookieTimeout or BackendUsersSessionTimeout if the user to be kept logged in should be kept also for longer.

    If you are using Forms authentication please review the sample:

    protected void Page_Load(object sender, EventArgs e)
            {
                var manager = UserManager.GetManager();
                string userName = "UserB";
                string password = "password";
       
                if (manager.ValidateUser(userName, password))
                {
                    DateTime now = DateTime.UtcNow;
                    var user = manager.GetUser(userName);
                    user.IsLoggedIn = true;
                    user.LastLoginIp = SystemManager.CurrentHttpContext.Request.UserHostAddress;
                    user.LastLoginDate = now;
                    user.LastActivityDate = now;
                    var loginReason = SecurityManager.AuthenticateUser(UserManager.GetDefaultProviderName(), userName, password, true);
       
                    if (loginReason == UserLoggingReason.UserAlreadyLoggedIn)
                    {
                        SecurityManager.Logout(UserManager.GetDefaultProviderName(), user.Id);
                        loginReason = SecurityManager.AuthenticateUser(UserManager.GetDefaultProviderName(), userName, password, true);
                    }
       
                    if (loginReason == UserLoggingReason.Success)
                    {
                        manager.Provider.SuppressSecurityChecks = true;
                        manager.SaveChanges();
       
                        FormsAuthentication.SetAuthCookie(userName, true);
       
                        if (Request["returnUrl"] == null)
                            Response.Redirect(String.Format("{0}://{1}/login-test", Request.Url.Scheme, Request.Url.Authority));
                        else
                            Response.Redirect(Request["returnUrl"]);
                    }
                }
            }

    Greetings,
    Stefani Tacheva
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
2 posts, 0 answered