1

I have a problem with ASP.Net MVC regarding authentication. The user managed to login and log out with no problem but when I click the back button is in the browser on the watch still logged in !!! Can someone help me!!! I also remind you that I am not using the default authentication of Visual Studio

    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult Login(LoginViewModel model)
    {
        if (ModelState.IsValid)
        {
            var isValidUser = IsValidUser(model);

            if(isValidUser != null)
            {
                FormsAuthentication.SetAuthCookie(model.UserMail, true); 
                return RedirectToAction("Index", "Home");
            }
            else
            {
                ModelState.AddModelError("Eror", "Invalid login attempt");
                return View();
            }
            
        }
        else
        {
            return View(model);
        }
    }

 public User IsValidUser(LoginViewModel model)
    {
        using(var db = new DbCaimanContext())
        {
            User user = db.Users.Where(q => q.UserMail.Equals(model.UserMail) && q.Password.Equals(model.Password)).SingleOrDefault();

            if (user == null)
                return null;
            else
                return user;
        }
    }

And here is my disconnection method :

public ActionResult LogOut()
    {
        FormsAuthentication.SignOut();
        Session.Abandon();
        return RedirectToAction("Login");
    }
Improve this question
7
  • Please give details of your authentication method, and a code example, e.g. how you log the user out. Commented Sep 3, 2020 at 11:52
  • I just updated my post Commented Sep 3, 2020 at 12:07
  • Have you tried Session.Clear(); before the Session.Abandon(); ? Commented Sep 3, 2020 at 12:14
  • no not yet i will do it right now... Commented Sep 3, 2020 at 12:18
  • 1
    Does this answer your question? How to clear browser cache when user log off in asp.net using c#? It's possible that what you see after pressing browser's back button is in local cache. You could disable cache for that page. Commented Sep 3, 2020 at 12:26

1 Answer 1

Reset to default
0

In your Login Get Method

    [AllowAnonymous]
    public ActionResult Login(string returnUrl)
    {

        ViewBag.ReturnUrl = returnUrl;
        
        if (HttpContext.User.Identity.IsAuthenticated)
            return RedirectToAction("Index", "Main");// go to anywhere you want
        else
            return View();
    }
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.