how to logout the user from my asp.net application?

Question

I'm using custom code to login and logout the user in my web application. on click of the login button, the code below executes:

if (Membership.ValidateUser(txtUserEmail.Text, txtUserPass.Text))
{
    HttpContext.Current.Profile.Initialize(txtUserEmail.Text.Trim(), true);
}

I then check the profile.Username on pre-init of everypage to check whether the user is logged in or not. But now I don't know what to do to logout the user, so that the profile is set to null or something. I'm trying all of these on the click of the logout button :

protected void lnkBtnLogout_Click(object sender, EventArgs e)
{
Session.Abandon();
Request.Cookies.Clear();
FormsAuthentication.SignOut();
var p = HttpContext.Current.Profile;
Response.Redirect("/Default.aspx");
}

I'm using variable p just to check whether the profile has been reset or not, but it still has all the values of the logged in user. So, what should I do to reset the profile and logout the user???

yes, all the Profile values are still as it is i.e. populated with the current user details. — MrClan, Mar 08 '12 at 17:00
this code is executed everytime I press the logout button, irrespective of whether it is a postback or not. — MrClan, Mar 10 '12 at 04:01

score 2 · Answer 1 · answered Mar 08 '12 at 21:53

2

Right after the SignOut() make a redirect with stop anything else, so the page stop update anything else.

So the code will be.

protected void lnkBtnLogout_Click(object sender, EventArgs e)
{
  Session.Abandon();
  Request.Cookies.Clear();
  FormsAuthentication.SignOut();
  Response.Redirect("/Default.aspx", true);
}

After the redirect check if the use is still log in. The user is not log out after the call of SignOut, but after the end and flush of the final cookie, and on the next page load.

answered Mar 08 '12 at 21:53

Aristos

66,005
16
114
150

nopes, even with this code, same result. The user is redirected to the default.aspx page, but he's not logged out and the Profile object is still populated, because of which, if he/someone-else navigates backwards, and then try to use the application, everything inside behaves normally(as it typically should) as for the application, the user is still logged in. – MrClan Mar 10 '12 at 04:00
@PratikChandra check if you have cache the page ! – Aristos Mar 10 '12 at 08:59
@PratikChandra It work to me, some years now. Maybe something in the middle not let it signout. Try to make shift+ click on refress, after the SignOut to see whats happends. – Aristos Mar 10 '12 at 17:12
same thing, tried Shift+Click and Ctrl+f5, cleared browser cookies, used Ctrl+Shift+Del in firefox, but still that user is signed in(checked as described in the comment above). It's driving me crazzzzyyy. – MrClan Mar 10 '12 at 17:27
@PratikChandra Make a test, set the SignOut() on page load and the redirect there, just for test. – Aristos Mar 10 '12 at 17:31

how to logout the user from my asp.net application?

1 Answers1