I kept getting the following message when a user was logged in and go to the login page and try to login again:
The provided anti-forgery token was meant for user “username”, but the current user is “”.
To fix it I adjusted the Login method to look as follows:
[AllowAnonymous] [OutputCache(NoStore = true, Duration = 0, VaryByParam = "None")] public ActionResult Login() { Session.Abandon(); if (User.Identity.IsAuthenticated) { FormsAuthentication.SignOut(); Session.Clear(); Session.Abandon(); return RedirectToAction("Login"); } return View(); } |