How can i prevent the page open after logout in mvc

Question

0.00/5 (No votes)

See more:

Hi,

I have a login page . after login i am redirected to a dashboard Page. After logout ,if i enter the url in the address bar, the page is showing. How can i prevent this in MVC project?

Can anybody help me

What I have tried:

I tried by using action filters

Posted 18-Feb-16 23:40pm

Kunjammu

Updated 21-Feb-16 22:39pm

Add a Solution

Comments

F-ES Sitecore 19-Feb-16 5:47am

Disable caching on your dashboard page, google "mvc disable caching" for code samples. This will adversely affect the performance of your web site though, just to stop someone seeing something they've already seen...I'd personally just ignore the issue.

Kunjammu 19-Feb-16 6:02am

after logout some other person use the system and can see the url rignt?
it will be an issue? I am trying to solve this

F-ES Sitecore 19-Feb-16 6:04am

Can people always view the page, even when not logged in? If you ctrl+f5 in the browser does the page show? If so it's a caching issue, if they can always see the page you need to enable authorisation on that page.

Kunjammu 19-Feb-16 6:11am

not in a single page. after logout if we type any url of that site should redirect to login page. is there any method for doing globally

John C Rayan 19-Feb-16 5:59am

Use [Authorize] action filer in your action. If you have different roles, then you have to specify the roles too.

Kunjammu 19-Feb-16 6:03am

is this can done globaly

John C Rayan 19-Feb-16 6:14am

Absolutely! GlobalFilters.Filters.Add() in application_start event.

Kunjammu 19-Feb-16 6:51am

in my global.asax page i have given like below

GlobalFilters.Filters.Add(new GAFilter());
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);

in My GA Filter class
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
}

In the above function how can i check the session. can you please advice

John C Rayan 19-Feb-16 8:02am

what are you trying to do? you could get everything in filterContext.
Can you read the link I have provided to understand first.

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

John C Rayan · Answer 1 · 2016-02-19T00:16:00

Solution 1

Have a look at this. You need to learn first before applying it

Custom Authentication and Authorization in ASP.NET MVC[^]

Posted 19-Feb-16 0:16am

John C Rayan

Updated 19-Feb-16 0:17am

v2

Member 11727957 · Answer 2 · 2016-02-21T22:39:00

There are three ways for doing that functionality which i m already using in my own project:
(1):Add this code to your every "ActionResult" method. By using this user can not go back by clicking backward icon of browser after "LogOut"

C#

public void SetPageCacheNoStore()
{
    Response.Cache.SetCacheability(HttpCacheability.NoCache);
    Response.Cache.AppendCacheExtension("no-store, must-revalidate");
    Response.AppendHeader("Pragma", "no-cache");
    Response.AppendHeader("Expires", "0");
}

(2):Use this code in every method at startup for checking Session destroyed or not.

C#

if (Session["UserName"] == null)
                {
                    return RedirectToAction("Login", "Account");
                }

(3):Use this code in every view or in a "Partial" view like "Sidebar uses in every view".

string viewNames = Session["UserName"];
   if (ViewNames == null)
   {
       <script src="~/Scripts/jquery-1.11.1.min.js"></script>
       <script>
           $(document).ready(function () {
               window.location.href = "../Account/Login";
           });
       </script>

   }

I hope by using all of these solutions your problem will be resolved.