情况
我一直在努力解决似乎是一个常见错误,但它以不同的方式影响着我。
我有一个应用程序,其中一个注册了一个帐户并在他们的电子邮件中获得了验证链接,如果他们不验证他们当然也无法登录。
问题
我所要做的是,如果登录的用户尚未验证其帐户,那么我会将他们带到显示“未确认电子邮件,请确认或请单击此处重新发送验证码”的页面。 当我点击“重新发送验证码”按钮时,出现错误
The provided anti-forgery token was meant for a different claims-based user than the current user.
下面的代码是登录代码,请注意如果用户正确但未确认的情况下重定向的if语句。
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
if (result == SignInStatus.Success)
{
var userid = UserManager.FindByEmail(model.Email).Id;
if (!UserManager.IsEmailConfirmed(userid))
{
return RedirectToAction("EmailNotConfirmed", new { model.Email });
}
}
// If username and password is correct check if account is activated.
////if (!UserManager.IsEmailConfirmed(userid) && result == SignInStatus.Success)
////{
//// result = SignInStatus.RequiresVerification;
////}
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
}
}
下面是我的EmailNotConfirmed方法
[AllowAnonymous]
public ActionResult EmailNotConfirmed(string email)
{
AuthenticationManager.SignOut();
Session.Abandon();
LoginViewModel l = new LoginViewModel();
l.Email = email;
ViewBag.email = email;
return View(l);
}
//
// POST: /Account/EmailNotConfirmed
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> EmailNotConfirmed(LoginViewModel model)
{
Session.Abandon();
AuthenticationManager.SignOut();
var user = new ApplicationUser { UserName = model.Email, Email = model.Email };
var locUser = from t in db.Users
where t.Email == model.Email
select new
{
t.Id
};
var locId= locUser.Select(e => e.Id).FirstOrDefault();
// For more information on how to enable account confirmation and password reset please visit https://go.microsoft.com/fwlink/?LinkID=320771
// Send an email with this link
string code = await UserManager.GenerateEmailConfirmationTokenAsync(locId);
var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = locId, code = code }, protocol: Request.Url.Scheme);
await UserManager.SendEmailAsync(locId, "Confirm your account", "Please confirm your account by clicking <a href=\"" + callbackUrl + "\">here</a>");
return RedirectToAction("Login", "Account");
}
查看
@model ClientAccess.Models.LoginViewModel
@{
ViewBag.Title = "EmailNotConfirmed";
}
<div class="card">
<div class="card-header">
<h5> Email not confirmed</h5>
</div>
<div class="card-body">
<p> Your account is not confirmed, please visit your email to confirm your account or click the button below to resend your verification code</p>
@using (Html.BeginForm("EmailNotConfirmed", "Account", FormMethod.Post, new { @class = "form-horizontal", role = "form" }))
{
@Html.AntiForgeryToken()
@Html.TextBoxFor(m => m.Email, new { @class = "form-control" })
<INPUT class="btn btn-success" name=SUBMIT type=submit value="Resend Verification Code">
}
</div>
<p class="mb-2 text-muted">Already Verified? Login @Html.ActionLink("Here", "Login", "Account")</p>
</div>
我在考虑添加许多问题时
Session.Abandon();
AuthenticationManager.SignOut();通常是建议,但对我而言,这没有用,请多多包涵,以解决此问题。
致谢