Validateantiforgerytoken + Back button

Question

Validateantiforgerytoken + Back button

Asked 6 years, 12 months ago

Viewed 244 times

1

Good morning.

I have a login form on a web page using MVC 5, I am using the [Validateantiforgerytoken] function to validate the forms for security reasons.

The page logs in correctly, but when you click the Back button of the browser and enter the login data again the message appears

The given anti-counterfeiting token was intended for the user "", but the current user is "1747".

How do I fix it?

Thank you

`

    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult Index(usuarioModel user)
    {
        if (!ModelState.IsValid)
        {
            ModelState.AddModelError("", "Tentativa de login inválida.");
            return View();
        }

        if (usuarioAplicacao.AutenticarUsuario(user.Cnpj, user.Usuario, user.Senha2))
        {

            return RedirectToAction("Grid", "Atendimento");
        }
        else
        {
            ModelState.AddModelError("", "Tentativa de login inválida.");
            return View();
        }
    }`

@model usuarioModel
@{
    ViewBag.Title = "Efetuar login";
    Layout = "~/Views/Shared/_LayoutLogin.cshtml";
}
Login
 Faça o login para acessar a sua área. 

@using (Html.BeginForm("Index", "home", "", FormMethod.Post, new { @class = "login-form", role = "form" }))
{
    @Html.AntiForgeryToken()
    @Html.ValidationSummary(true, "", new { @class = "text-danger" })
    
        
            @Html.TextBoxFor(m => m.Cnpj, new { @class = "form-control form-control-solid placeholder-no-fix form-group", autocomplete = "on", placeholder = "CNPJ" })
            @Html.ValidationMessageFor(m => m.Cnpj, "", new { @class = "text-danger" })
        
        
            @Html.TextBoxFor(m => m.Usuario, new { @class = "form-control form-control-solid placeholder-no-fix form-group", autocomplete = "on", placeholder = "Usuário" })
            @Html.ValidationMessageFor(m => m.Usuario, "", new { @class = "text-danger" })

        
    
    
        
            @Html.PasswordFor(m => m.Senha2, new { @class = "form-control form-control-solid placeholder-no-fix form-group", autocomplete = "on", placeholder = "Senha" })
            @Html.ValidationMessageFor(m => m.Senha2, "", new { @class = "text-danger" })
        
        
            
        
    
}
@section Scripts {
    @Scripts.Render("~/bundles/jqueryval")
}

`

What about your form? You can add HTML?

– Aline

2017/07/05 at 13:13
@Aline Addei

– RodrigoSturm

2017/07/05 at 13:32
Strange, I simulated here and does not occur this problem with me. I imagine you have another action Index() (GET) used to render the page (because this is your POST). Put a breakpoint in the action GET, and when you click on the "back" button of the browser, check if you are falling in this method. Also, if you can, share also what this method AutenticarUsuario ago.

– Alisson

2017/07/07 at 02:00

No answers

Browser other questions tagged c# asp.net-mvc mvc

You are not signed in. Login or sign up in order to post.