0

As we always redirect logged in user to one page, there is no need for ReturnUrl parameter be added into LoginPath during redirection to login page. This is not critical, as we just don't use it, but this would look leaner without it.

Tried already CookieAuthenticationOptions.ReturnUrlParameter, but setting it to an empty string does not help.

        app.UseCookieAuthentication(New CookieAuthenticationOptions() With {
        .AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        .Provider = New CookieAuthenticationProvider() With {
            .OnValidateIdentity = SecurityStampValidator.OnValidateIdentity(Of ApplicationUserManager, ApplicationUser)(
                validateInterval:=TimeSpan.FromMinutes(20),
                regenerateIdentity:=Function(manager, user) user.GenerateUserIdentityAsync(manager))},
        .LoginPath = New PathString("/Account/Login"),
        .ExpireTimeSpan = TimeSpan.FromMinutes(20),
        .SlidingExpiration = True,
        .ReturnUrlParameter = ""})

This is different from How to remove returnurl from url? in two ways:

  1. I am using Asp.Net Identity 2.2.2, not Forms Authentication
  2. I am looking for a way to stop adding ReturnUrl parameter rather than removing it once is already added.
Megrez7
  • 1,423
  • 1
  • 15
  • 35

1 Answers1

1

You can do this:

    [HttpGet]
    [AllowAnonymous]
    public async Task<IActionResult> Login(string returnUrl = null)
    {
        // Clear the existing external cookie to ensure a clean login process
        await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme);

        ViewData["ReturnUrl"] = returnUrl;
        //HERE IS THE TRICK
        if (!string.IsNullOrEmpty(Request.QueryString.Value))
            return RedirectToAction("Login");

        return View();
    }
Juan Bosco Rodríguez
  • 36
  • 4