36

I am using a the basic login on a test ASP.Net MVC 5 site (for an internet site).

The login works fine but when I try to logout it doesn't happen. The logout link does call the following controller action:

public ActionResult LogOff()
{
    AuthenticationManager.SignOut();
    return RedirectToAction("Index", "Home");
}

But the user stays logged in. How do I ensure that the user actually gets logged out?

Sender
  • 6,660
  • 12
  • 47
  • 66
John S
  • 7,909
  • 21
  • 77
  • 145
  • Can be related to this http://stackoverflow.com/questions/28263095/logout-functionality-not-working-with-asp-net-identity – janhartmann Feb 21 '15 at 06:58

3 Answers3

50

I had this problem before, change:

AuthenticationManager.SignOut();

To:

AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);

Assuming that you are using ApplicationCookie to store your login information.

Ashley Medway
  • 7,151
  • 7
  • 49
  • 71
  • 2
    Thanks - worked for me. Small note: it should be `AuthenticationManager` (per the auto-generated code) and not `Authentication`. – Krishna Gupta Mar 05 '15 at 06:35
  • Actually it doesn't log out from the server side. https://stackoverflow.com/questions/24552448/web-api-2-owin-authentication-signout-doesnt-logout – Jeeva J Aug 30 '17 at 11:39
  • @JeevaJsb that question is about bearer tokens, which are completely different from cookies – Ashley Medway Aug 30 '17 at 11:51
4

Better way : 

public ActionResult Logout()
{
    SignInManager.AuthenticationManager.SignOut();
    return RedirectToAction("Index", "support", new { area = "" });
}

or you can use injected SignInManager into your controller like this :

public ActionResult Logout()
{
    _signInManager.AuthenticationManager.SignOut();
    return RedirectToAction("Index", "support", new { area = "" });
}

there is no deference.

Tunaki
  • 132,869
  • 46
  • 340
  • 423
Hatef.
  • 534
  • 4
  • 18
-4

I had the same problem of not being able to logout. I would stay logged in and only redirect back to the home view. I was using Chrome and I tried it in firefox and ie and didn't have the problem. Then I cleared my cookies in chrome and it all worked fine. It could be a quick and easy first step if other encounter this problem.

chuck
  • 57
  • 1
  • 6
  • 2
    We encountered the same issue with our application after upgrading from AspNet.Identity 2.0.1 to 2.2.0. Clearing cookies indeed signed the user out, but it was not a very practical solution. We implemented the fix in the accepted answer and it resolved the problem for us. – Avalanchis Mar 11 '15 at 21:59