Not redirecting to login page when using [Authorize] attribute in .net 6 core mvc application-CodePudding

I,am using .net 6 for application development. I,am using Identity Manager from .net core. I have made a custom bootstrap login page. Also as per my application structure I don't need a _loginpartial.cshtml.

I have given [Authorize] attribute to the default Privacy page action in HomeController in MVC .net core project. Also added the anchor tag to privacy in Home>Index.cshtml.

When I click on the link, The application spits out 404 page is not found error. It is redirecting to the following link: https://localhost:7188/Identity/Account/Login?ReturnUrl=/Home/Privacy .But the page is not loading.

However, if I remove /Identity/ from the above link then the page loads. ie https://localhost:7188/Account/Login?ReturnUrl=/Home/Privacy.

Since I,am using .net 6, I used all the codes in Startup.cs into Program.cs and migrated the code accordingly.

When I add app.MapRazorPages(); after the endpoint section the link works! but it provides an entirely different login page than what I created. It seems to be loading a prebuilt Identity page. How can I use my login page? when I use the [Authorize] attribute to secure my controller methods?

program.cs

using MyApplication.Data;
using MyApplication.Service;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Identity.UI.Services;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;

var builder = WebApplication.CreateBuilder(args);

// Add services to the container.

builder.Services.AddDbContext<ApplicationDbContext>(options => options.UseSqlServer(builder.Configuration.GetConnectionString("DefaultConnection")));
builder.Services.AddIdentity<IdentityUser, IdentityRole>().AddEntityFrameworkStores<ApplicationDbContext>().AddDefaultTokenProviders().AddDefaultUI();
builder.Services.AddControllersWithViews(options => { options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute()); });
builder.Services.AddRazorPages();

var app = builder.Build();

// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
    app.UseExceptionHandler("/Home/Error");
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
}

app.UseHttpsRedirection();
app.UseStaticFiles();

app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();


app.MapControllerRoute(name: "default", pattern: "{controller=Home}/{action=Index}/{id?}");
app.MapRazorPages();

app.Run();

Please let me know if I need to furnish anymore details to resolve the issue?

CodePudding user response：

You need to [scaffold the login page](see the docs - https://docs.microsoft.com/en-us/aspnet/core/security/authentication/scaffold-identity?view=aspnetcore-6.0&tabs=visual-studio#scaffold-identity-into-an-mvc-project-with-authorization) that Identity page uses and then implement your custom login page on that razor page.

CodePudding user response：

I found the solution to the above on Microsoft Knowledgebase in here: https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity-configuration?view=aspnetcore-6.0

The solution was to map my custom login page to Identity. This was achieved by adding the below lines of code in program.cs for .net 6

services.ConfigureApplicationCookie(options =>
{
    //Location for your Custom Access Denied Page
    options.AccessDeniedPath = "Account/AccessDenied";

    //Location for your Custom Login Page
    options.LoginPath = "Account/Login";
});