Tutorial :How do you generate a AntiForgeryToken in a code behind file?



Question:

I have an action that resets a user's password. In that same action after the password is reset I want to login the user. I wanted to just use a "RedirectToAction" and send the username and password to my SignIn action. Since I have logic in that action that handles errors and what not.

So I need to send the AntiForgeryToken value to the SignIn action also.


Solution:1

There isn't a need to do this and I don't think it would be a good idea anyway as you'd be passing the password back to the browser as part of the response. Just use FormsAuthentication to create the auth cookie and send it back with the response.


Solution:2

The AntiForgeryToken is only valid for POST requests (GET requests are supposed to be idempotent... that is, not change state on the server). RedirectToAction does an HTTP/302 redirect, which is results in a GET request. Therefor, an AntiForgeryToken would make no sense for RedirectToAction.

I would reconsider what it is you are trying to do.

Remember, actions are just public methods on the controller, so you should be able to call one (and return its result) from any other action.


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »