1
Good morning.
I have a login form on a web page using MVC 5, I am using the [Validateantiforgerytoken] function to validate the forms for security reasons.
The page logs in correctly, but when you click the Back button of the browser and enter the login data again the message appears
The given anti-counterfeiting token was intended for the user "", but the current user is "1747".
How do I fix it?
Thank you
`
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Index(usuarioModel user)
{
if (!ModelState.IsValid)
{
ModelState.AddModelError("", "Tentativa de login inválida.");
return View();
}
if (usuarioAplicacao.AutenticarUsuario(user.Cnpj, user.Usuario, user.Senha2))
{
return RedirectToAction("Grid", "Atendimento");
}
else
{
ModelState.AddModelError("", "Tentativa de login inválida.");
return View();
}
}`
@model usuarioModel @{ ViewBag.Title = "Efetuar login"; Layout = "~/Views/Shared/_LayoutLogin.cshtml"; }Login
Faça o login para acessar a sua área.
@using (Html.BeginForm("Index", "home", "", FormMethod.Post, new { @class = "login-form", role = "form" })) { @Html.AntiForgeryToken() @Html.ValidationSummary(true, "", new { @class = "text-danger" }) @Html.TextBoxFor(m => m.Cnpj, new { @class = "form-control form-control-solid placeholder-no-fix form-group", autocomplete = "on", placeholder = "CNPJ" }) @Html.ValidationMessageFor(m => m.Cnpj, "", new { @class = "text-danger" }) @Html.TextBoxFor(m => m.Usuario, new { @class = "form-control form-control-solid placeholder-no-fix form-group", autocomplete = "on", placeholder = "Usuário" }) @Html.ValidationMessageFor(m => m.Usuario, "", new { @class = "text-danger" }) @Html.PasswordFor(m => m.Senha2, new { @class = "form-control form-control-solid placeholder-no-fix form-group", autocomplete = "on", placeholder = "Senha" }) @Html.ValidationMessageFor(m => m.Senha2, "", new { @class = "text-danger" }) } @section Scripts { @Scripts.Render("~/bundles/jqueryval") } `
What about your form? You can add HTML?
– Aline
@Aline Addei
– RodrigoSturm
Strange, I simulated here and does not occur this problem with me. I imagine you have another action
Index()
(GET) used to render the page (because this is your POST). Put a breakpoint in the action GET, and when you click on the "back" button of the browser, check if you are falling in this method. Also, if you can, share also what this methodAutenticarUsuario
ago.– Alisson