Click here to Skip to main content
15,867,568 members
Home / Discussions / ASP.NET
   

ASP.NET

 
GeneralRe: ASP.NET Gridview load data Pin
Herman<T>.Instance3-May-22 5:38
Herman<T>.Instance3-May-22 5:38 
GeneralRe: ASP.NET Gridview load data Pin
Richard Deeming3-May-22 5:48
mveRichard Deeming3-May-22 5:48 
GeneralRe: ASP.NET Gridview load data Pin
Herman<T>.Instance3-May-22 7:12
Herman<T>.Instance3-May-22 7:12 
GeneralRe: ASP.NET Gridview load data Pin
Richard Deeming3-May-22 21:38
mveRichard Deeming3-May-22 21:38 
GeneralRe: ASP.NET Gridview load data Pin
Herman<T>.Instance3-May-22 22:03
Herman<T>.Instance3-May-22 22:03 
QuestionSend Email using Classic ASP Pin
Ram Teckchandani11-Apr-22 17:28
Ram Teckchandani11-Apr-22 17:28 
AnswerRe: Send Email using Classic ASP Pin
Richard MacCutchan11-Apr-22 22:00
mveRichard MacCutchan11-Apr-22 22:00 
QuestionMVC 5 Prevent Users From Going Back After Logging In or Out Using Identity Framework Pin
Steven Petersen3-Apr-22 9:11
Steven Petersen3-Apr-22 9:11 
I am building an app using MVC 5 and I ran into a common issue that has been asked over and over but I can't seem to find the right answer using .NET Identity. Once the user logs in, they should not be able to go back to the login page and the same is true when they log out they should not be able to go back to a restricted page.

The problem that I'm having is that if a user does not enter the correct password and the server catches the error then I successfully login I am able to go back to the login page. If I login on the first try it works like it should. How can I correct this problem?

The other problem that I'm having is when the user logs out, Is there any way without using javascript to not allow the user to access the restricted pages by using the back button?

I have included

filters.Add(new System.Web.Mvc.AuthorizeAttribute());


My controller looks like this:

[AllowAnonymous]
    [OutputCache(NoStore = true, Location = OutputCacheLocation.None)]
    public ActionResult Login(string returnUrl)
    {
        if (User.Identity.IsAuthenticated)
        {
            return RedirectToAction("Dashboard", "App");
        }
        ViewBag.ReturnUrl = returnUrl;
        return View();
    }

    //
    // POST: /Account/Login
    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
    {
        if (!ModelState.IsValid)
        {
            return View(model);
        }

        // Require the user to have a confirmed email before they can log on.
        var user = await UserManager.FindByNameAsync(model.Email);
        if (user != null)
        {
            if (!await UserManager.IsEmailConfirmedAsync(user.Id))
            {
                string callbackUrl = await SendEmailConfirmationTokenAsync(user.Id, "Confirm your account-Resend");
                ViewBag.errorMessage = "You must have a confirmed email to log on.";
                return View("Error");
            }
        }

        // This doesn't count login failures towards account lockout
        // To enable password failures to trigger account lockout, change to shouldLockout: true
        var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
        switch (result)
        {
            case SignInStatus.Success:
                return RedirectToAction("Dashboard","App");
            case SignInStatus.LockedOut:
                return View("Lockout");
            case SignInStatus.RequiresVerification:
                return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
            case SignInStatus.Failure:
            default:
                ModelState.AddModelError("", "Invalid login attempt.");
                return View(model);
        }
    }


My Logout Controller is:

// POST: /Account/LogOff
    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult LogOff()
    {
        AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
        return RedirectToAction("Index", "Home");
    }


I didn't add anything special to my view. How do I prevent the logged in user from going back to the login page which they can do if they have an error. and how can I prevent the user from going back after logout and seeing a restricted page. What I really want to know is if there is any way to do this with Identity?

I know the issue is caching in the browser that allows the user to go back. I've cleared the cache when I logout, I used the
[OutputCache(NoStore = true, Location = OutputCacheLocation.None)]


I do not want to disable cashing for the whole app (performance issues) and I do not want to use javascript (since it can be disabled by the user). Is there any other way to do it?

I know this question has been asked a million times but I haven't really found a definitive answer that works on all browsers.
AnswerRe: MVC 5 Prevent Users From Going Back After Logging In or Out Using Identity Framework Pin
Richard Deeming3-Apr-22 21:24
mveRichard Deeming3-Apr-22 21:24 
QuestionA question about CreatedAtAction() method Pin
Alex Dunlop23-Mar-22 21:44
Alex Dunlop23-Mar-22 21:44 
AnswerRe: A question about CreatedAtAction() method Pin
Richard MacCutchan23-Mar-22 21:50
mveRichard MacCutchan23-Mar-22 21:50 
QuestionA question about routing attribute Pin
Alex Dunlop23-Mar-22 21:41
Alex Dunlop23-Mar-22 21:41 
AnswerRe: A question about routing attribute Pin
Richard MacCutchan23-Mar-22 21:51
mveRichard MacCutchan23-Mar-22 21:51 
GeneralRe: A question about routing attribute Pin
Leeladhar Ladia25-Mar-22 3:46
Leeladhar Ladia25-Mar-22 3:46 
Questionexportar datos de sql server a archivo .csv con C# asp.net Pin
Member 1556240011-Mar-22 8:08
Member 1556240011-Mar-22 8:08 
QuestionPower BI Embedded : Cant doCross Filtering selecting multiple rows on a table visual pressing CTRL Pin
Member 155547063-Mar-22 17:21
Member 155547063-Mar-22 17:21 
Rant[REPOST] Power BI Embedded : Cant doCross Filtering selecting multiple rows on a table visual pressing CTRL Pin
Richard Deeming3-Mar-22 21:30
mveRichard Deeming3-Mar-22 21:30 
AnswerRe: Power BI Embedded : Cant doCross Filtering selecting multiple rows on a table visual pressing CTRL Pin
RedDk4-Mar-22 7:01
RedDk4-Mar-22 7:01 
QuestionASP .Net Core, Global HTML sanitization. Pin
GKP199228-Feb-22 17:46
professionalGKP199228-Feb-22 17:46 
AnswerRe: ASP .Net Core, Global HTML sanitization. Pin
Richard Deeming28-Feb-22 21:50
mveRichard Deeming28-Feb-22 21:50 
GeneralRe: ASP .Net Core, Global HTML sanitization. Pin
GKP199228-Feb-22 23:44
professionalGKP199228-Feb-22 23:44 
QuestionASP.NetCore Freeze the header of html table Pin
pkfox22-Feb-22 21:29
professionalpkfox22-Feb-22 21:29 
AnswerRe: ASP.NetCore Freeze the header of html table Pin
Richard Deeming24-Feb-22 0:32
mveRichard Deeming24-Feb-22 0:32 
GeneralRe: ASP.NetCore Freeze the header of html table Pin
pkfox24-Feb-22 2:09
professionalpkfox24-Feb-22 2:09 
GeneralRe: ASP.NetCore Freeze the header of html table Pin
Richard Deeming24-Feb-22 21:33
mveRichard Deeming24-Feb-22 21:33 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.