Page redirection after logout in mvc

Question

I am following this thread Session of the user in mvc . My requirement is that when a user logs out from the asp.net mvc application and if he clicks the back button he should not be redirected to the previous page. The user should be kept on the login page. I have tried the logout code from the above thread which is as follows.

public ActionResult LogOut()
        {
            FormsAuthentication.SignOut();
            Session.Abandon(); // it will clear the session at the end of request
            return RedirectToAction("Login", "User");
        }

possible duplicate of [After logout if browser back button press then it go back last screen](http://stackoverflow.com/questions/19315742/after-logout-if-browser-back-button-press-then-it-go-back-last-screen) — Sandeep Kumar M, Dec 23 '14 at 06:01

score 1 · Answer 1 · edited May 23 '17 at 12:14

1

[Authorize]
public class HomeController: Controller
{

    public ActionResult YourTable()
    {
        return View();
    }

}

Use Authorize in your controller

Another way of doing this is : disabling the cache for the entire application

Refer to this : After logout if browser back button press then it go back last screen

edited May 23 '17 at 12:14

Community

1
1

answered Dec 23 '14 at 06:03

backtrack

7,996
5
52
99

@baktrack : using [Authorize] is giving me the following error in iis HTTP Error 401.0 - Unauthorized You do not have permission to view this directory or page. – user2998990 Dec 23 '14 at 06:15
Yes because you are not logged in. Authorize will let you access the controller if and only if you are logged in (Authorize user) else you cant – backtrack Dec 23 '14 at 06:16
But I have a single controller where my login and logout action methods are. So, for me to login in I have to use the same controller for which I have written Authorize – user2998990 Dec 23 '14 at 06:19
For login remove the Authorize header – backtrack Dec 23 '14 at 06:24
You have to use the Authorize header only to those pages which are private (meaning ppl can see those pages /Access it if and only if they are logged in) – backtrack Dec 23 '14 at 06:25
so, I will have to write authorize for each actionmethod in my all controllers except login.? or there is some generic way that except login, I can have the functionality i want – user2998990 Dec 23 '14 at 06:46
Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/67513/discussion-between-backtrack-and-user2998990). – backtrack Dec 23 '14 at 06:48
I would suggest you to write it for each controller but if you wish you can follow this : http://stackoverflow.com/questions/11539217/specifying-roles-in-web-config-of-an-asp-net-mvc-application or http://www.dotnet-tricks.com/Tutorial/mvc/G54G220114-Custom-Authentication-and-Authorization-in-ASP.NET-MVC.html – backtrack Dec 23 '14 at 06:50
Use the `[AllowAnonymous]` for the Login Action. – Daniel Jackson Dec 14 '17 at 17:17

score 0 · Answer 2 · answered Jan 22 '22 at 21:20

<li class="nav-item login border-0"><a asp-action="Logout" asp-controller="Home" onclick="clearAll();"> <i class="fas fa-sign-in-alt"></i> تسجيل خروج</a></li>

public ActionResult LogOut()
{
    HttpContext.Session.Clear();
    return RedirectToAction("Index", "Home");
}

And if you want to remove the token from the browser :

function clearAll() {
   window.localStorage.clear();
}

Page redirection after logout in mvc

2 Answers2