Good morning.
I have a login form on a webpage using MVC 5, I am using the [ValidateAntiForgeryToken] function to validate forms for security reasons.
The page logs in correctly, however when clicking the Back button of the browser and entering the login data again the message
The provided anti-forgery token was for user "", but the current user is "1747".
How do I fix this?
Thank you
'
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Index(usuarioModel user)
{
if (!ModelState.IsValid)
{
ModelState.AddModelError("", "Tentativa de login inválida.");
return View();
}
if (usuarioAplicacao.AutenticarUsuario(user.Cnpj, user.Usuario, user.Senha2))
{
return RedirectToAction("Grid", "Atendimento");
}
else
{
ModelState.AddModelError("", "Tentativa de login inválida.");
return View();
}
}'
@model usuarioModel
@{
ViewBag.Title = "Efetuar login";
Layout = "~/Views/Shared/_LayoutLogin.cshtml";
}
Login
Faça o login para acessar a sua área.
@using (Html.BeginForm("Index", "home", "", FormMethod.Post, new { @class = "login-form", role = "form" }))
{
@Html.AntiForgeryToken()
@Html.ValidationSummary(true, "", new { @class = "text-danger" })
@Html.TextBoxFor(m => m.Cnpj, new { @class = "form-control form-control-solid placeholder-no-fix form-group", autocomplete = "on", placeholder = "CNPJ" })
@Html.ValidationMessageFor(m => m.Cnpj, "", new { @class = "text-danger" })
@Html.TextBoxFor(m => m.Usuario, new { @class = "form-control form-control-solid placeholder-no-fix form-group", autocomplete = "on", placeholder = "Usuário" })
@Html.ValidationMessageFor(m => m.Usuario, "", new { @class = "text-danger" })
@Html.PasswordFor(m => m.Senha2, new { @class = "form-control form-control-solid placeholder-no-fix form-group", autocomplete = "on", placeholder = "Senha" })
@Html.ValidationMessageFor(m => m.Senha2, "", new { @class = "text-danger" })
}
@section Scripts {
@Scripts.Render("~/bundles/jqueryval")
}
'