retours à la connexion et déconnexion

Yavsc/Views/Shared/SignIn.cshtml

@@ -46,7 +46,9 @@
                 <p>
                     <a asp-action="ForgotPassword" asp-controller="Account">@SR["Forgot your password"]?</a>
                 </p>
-                <input type="hidden" name="ReturnUrl" value="@Model.ReturnUrl" />
+                
+                <input type="hidden" name="ReturnUrl" value="@Model.AfterLoginRedirectUrl" />
+                
                 @Html.AntiForgeryToken()
             </form>
 
@@ -67,6 +69,7 @@
         <form action="/signin" method="post">
             <input type="hidden" name="Provider" value="@description.AuthenticationScheme" />
             <input type="hidden" name="ReturnUrl" value="@Model.ReturnUrl" />
+            <input type="hidden" name="AfterLoginRedirectUrl" value="@Model.AfterLoginRedirectUrl" />
             <button class="btn btn-lg btn-success" type="submit">@SR["Connect using"] @description.DisplayName</button>
             @Html.AntiForgeryToken()
         </form>

Yavsc/Views/Shared/_LoginPartial.cshtml

@@ -3,24 +3,23 @@
 @if (User.IsSignedIn())
 {
     <form asp-controller="Account" asp-action="LogOff" method="post" id="logoutForm" class="navbar-right">
-         <language-layout>
+        <ul class="nav navbar-nav navbar-right">
-             <ul class="nav navbar-nav navbar-right">
             <li>
                 <a asp-controller="Manage" class="navbar-link" asp-action="Index" title="Manage">@SR["Hello"] @User.GetUserName()!</a>
             </li>
             <li>
-                <button type="submit" class="btn btn-link">@SR["Logout"]</button>
+                <button type="submit" class="btn btn-link navbar-btn navbar-link" >@SR["Logout"]</button>
+                <input type="hidden" name="ReturnUrl" value="@Url.Action()" />
             </li>
         </ul>
-         </language-layout>
     </form>
 }
 else
-{ <language-layout>
+{
     <ul class="nav navbar-nav navbar-right">
-        <li><a class="navbar-link" asp-controller="Account" asp-action="Register">@SR["Register"]</a></li>
+        <li><a class="navbar-link" asp-controller="Account" asp-action="Register" asp-route-returnurl="@Url.Action()" >@SR["Register"]</a></li>
-        <li><a class="navbar-link" asp-controller="OAuth" asp-action="SignIn">@SR["Login"]</a></li>
+           
+        <li><a class="navbar-link" asp-controller="Account" asp-action="Login" asp-route-returnurl="@Url.Action()" >@SR["Login"]</a></li>
     </ul>
-</language-layout>
 }
  

Yavsc/src/Controllers/AccountController.cs

@@ -10,6 +10,7 @@ using Microsoft.AspNet.Mvc;
 using Microsoft.AspNet.Mvc.Rendering;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.OptionsModel;
+using Yavsc.Extensions;
 using Yavsc.Models;
 using Yavsc.Services;
 using Yavsc.ViewModels.Account;
@@ -50,16 +51,21 @@ namespace Yavsc.Controllers
             _twilioSettings = twilioSettings.Value;
             _logger = loggerFactory.CreateLogger<AccountController>();
         }
-        
 
-        public IActionResult Forbidden()
+        [HttpGet("~/login")]
+        public IActionResult Login(string returnUrl)
         {
-            return View();
+            return View("SignIn", new LoginViewModel { 
+                AfterLoginRedirectUrl = returnUrl,
+                ReturnUrl = "/Account/ExternalLoginCallback",
+                ExternalProviders = HttpContext.GetExternalProviders()
+             });
         }
-
+        
         [HttpPost("~/login")]
         public async Task<IActionResult> LocalLogin(LoginViewModel model)
         {
+            
             if (ModelState.IsValid)
             {
                 // This doesn't count login failures towards account lockout
@@ -67,8 +73,6 @@ namespace Yavsc.Controllers
                 var result = await _signInManager.PasswordSignInAsync(model.UserName, model.Password, model.RememberMe, lockoutOnFailure: false);
                 if (result.Succeeded)
                 {
-                    _logger.LogInformation(1, "User logged in.");
-
                     return RedirectToLocal(model.ReturnUrl);
                 }
                 if (result.RequiresTwoFactor)
@@ -86,7 +90,9 @@ namespace Yavsc.Controllers
                     return View(model);
                 }
             }
+            
             // If we got this far, something failed, redisplay form
+            ModelState.AddModelError(string.Empty, "Unexpected behavior: something failed ... you could try again, or contact me ...");
             return View(model);
         }
         //
@@ -130,11 +136,12 @@ namespace Yavsc.Controllers
         // POST: /Account/LogOff
         [HttpPost]
         [ValidateAntiForgeryToken]
-        public async Task<IActionResult> LogOff()
+        public async Task<IActionResult> LogOff(string returnUrl = null)
         {
             await _signInManager.SignOutAsync();
             _logger.LogInformation(4, "User logged out.");
-            return RedirectToAction(nameof(HomeController.Index), "Home");
+            if (returnUrl==null) return RedirectToAction(nameof(HomeController.Index), "Home");
+            return Redirect(returnUrl);
         }
         
         //

Yavsc/src/Controllers/OAuthController.cs

@@ -46,7 +46,7 @@ ILogger _logger;
 
 
         [HttpGet("~/signin")]
-        public ActionResult SignIn(string returnUrl = "/Account/ExternalLoginCallback") {
+        public ActionResult SignIn(string returnUrl = null) {
             // Note: the "returnUrl" parameter corresponds to the endpoint the user agent
             // will be redirected to after a successful authentication and not
             // the redirect_uri of the requesting client application.
@@ -62,7 +62,7 @@ ILogger _logger;
         }
 
         [HttpPost("~/signin")]
-        public IActionResult SignIn( string Provider, string ReturnUrl ) {
+        public IActionResult SignIn( string Provider, string ReturnUrl, string AfterLoginRedirectUrl) {
             // Note: the "provider" parameter corresponds to the external
             // authentication provider choosen by the user agent.
             if (string.IsNullOrEmpty(Provider)) {
@@ -86,8 +86,17 @@ ILogger _logger;
             // Instruct the middleware corresponding to the requested external identity
             // provider to redirect the user agent to its own authorization endpoint.
             // Note: the authenticationScheme parameter must match the value configured in Startup.cs
-          
+            
+            // If AfterLoginRedirectUrl is non null,
+            // This is a web interface access,
+            // and the wanted redirection
+            // after the successfull authentication
+            if (AfterLoginRedirectUrl!=null) {
+                ReturnUrl = Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = AfterLoginRedirectUrl });
+            }
+            
             var properties = _signInManager.ConfigureExternalAuthenticationProperties(Provider, ReturnUrl);
+            
             return new ChallengeResult(Provider, properties);
         }
 

Yavsc/src/ViewModels/Account/LoginViewModel.cs

@@ -16,7 +16,19 @@ namespace Yavsc.ViewModels.Account
 
         [Display(Name = "Remember me?")]
         public bool RememberMe { get; set; }
+        
+        /// <summary>
+        /// This value indicates the OAuth client method recieving the code,
+        /// in case of.
+        /// </summary>
+        /// <returns></returns>
         public string ReturnUrl { get; set; }
+        /// <summary>
+        /// This is the Url redirection used after a successfull resource grant
+        /// to a legacy web browser client.
+        /// </summary>
+        /// <returns></returns>
+        public string AfterLoginRedirectUrl { get; set; }
         
         public IEnumerable<AuthenticationDescription> ExternalProviders { get; set; }
     }