This blog is continuation to my other two blogs on Customizing membership controls (Part1 and Part2). Here i am going to talk about customizing login membership controls for redirection.
By default, Login membership control provides support for requestUrl redirection i.e. when you access a page that require authentication, it will automatically redirect to login page if you have not logged in already. Once you login, you will automatically redirected back to the original page.
This is a very nice feature, but there might a small problem in this feature. I will explain this problem with a scenario. Consider user forgot his password, so he goes to password recovery page where he request for his password reset. Once the password is reset, membership control will sent a email to user. User waits for the email, once he receives the email. He will get the password, and goes to login page (Note: here user is going to login page from password recovery page.). Once user enters the username and password, he will be redirected to back password recovery page as password recovery page is users last page.
If you think from user point of view, why after entering the new password in login page user is redirected to password recovery page. Either it should redirect to change password page or to custom page.
To avoid this confusion, you can handle onlogging event of Login control and write the following code,
void Login1_LoggedIn(object sender, EventArgs e)
{
if (Request.QueryString["ReturnUrl"] != null && Request.QueryString["ReturnUrl"].IndexOf("PwdRecovery.aspx") >= 0)
{
Response.Redirect("~/Career/Secure/ChangePwd.aspx");
}
}
Basically, here am just checking if the returnUrl property is point to PasswordRecovery page, then I will redirect the user to ChangePassword page. Similarly you can redirect to any page you want.
Note: Login Control uses ReturnUrl API to redirect the user after login to the original page from where user came.