I would like to stop users from going back to the previous page once logged out. Stop Accessing Previous Pages After Signout – Disable Browser Back Button.
For this situation, I plan to write down a cookie once logged out (check the “SetLogoutCookie” function) and read the cookie once per age load for every online page except login.aspx (check the “RedirectToLoginPage” function). If the data in the cookie means that the user logged out, then redirect current page to login.aspx. As an example, I have provided the subsequent code for your reference. Hope it’s useful to you.
ASP.NET Code for Default page:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
<html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>Untitled Page</title> <script type="text/javascript"> function SetLogoutCookie(value) { var exdate=new Date(); exdate.setDate(exdate.getDate()+1); var expires = "; expires="+exdate.toGMTString(); document.cookie = "logout=" + value + expires+"; path=/"; } function Checklogout() { var c_start = document.cookie.indexOf("logout="); if (c_start!=-1) { c_start=c_start + 7; c_end=document.cookie.indexOf(";",c_start) if (c_end==-1) { c_end=document.cookie.length; } if(document.cookie.substring(c_start,c_end) == "true") { return true; } } return false; } function RedirectToLoginPage() { if (Checklogout()) { window.location = "login.aspx"; } } </script> </head> <body onload="RedirectToLoginPage()"> <form id="form1" runat="server"> <div> <asp:LinkButton ID="LinkButton1" runat="server" OnClick="LinkButton1_Click" OnClientClick="SetLogoutCookie('true')">Log out</asp:LinkButton> </div> </form> </body> </html> |
C# Code for Default page:
|
1 2 3 4 5 |
protected void LinkButton1_Click(object sender, EventArgs e) { FormsAuthentication.SignOut(); FormsAuthentication.RedirectToLoginPage(); } |
ASP.NET Code for Login page:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
<html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>Untitled Page</title> <script type="text/javascript"> function SetLogoutCookie(value) { var exdate=new Date(); exdate.setDate(exdate.getDate()+1); var expires = "; expires="+exdate.toGMTString(); document.cookie = "logout=" + value + expires+"; path=/"; } </script> </head> <body> <form id="form1" runat="server"> <div> Name:<asp:TextBox ID="TBName" runat="server">test</asp:TextBox> <br /> Password:<asp:TextBox ID="TBPassword" runat="server" TextMode="Password"></asp:TextBox> <br /> <asp:LinkButton ID="LinkButton1" runat="server" OnClick="LinkButton1_Click" OnClientClick="SetLogoutCookie('false')">Login</asp:LinkButton></div> </form> </body> </html> |
C# Code for Login page:
|
1 2 3 4 5 6 7 |
protected void LinkButton1_Click(object sender, EventArgs e) { if (FormsAuthentication.Authenticate(TBName.Text, TBPassword.Text)) { FormsAuthentication.RedirectFromLoginPage(TBName.Text,false); } } |
Code for Web Config:
|
1 2 3 4 5 6 7 8 9 10 |
<authentication mode="Forms"> <forms name="appNameAuth" path="/" loginUrl="login.aspx" protection="All" timeout="30"> <credentials passwordFormat="Clear"> <user name="test" password="test" /> </credentials> </forms> </authentication> <authorization> <deny users="?" /> </authorization> |
P.S. You can put the JavaScript code to a separate js file and include the file in each page.
Leave a Comment