如何注销会话MVC Razor Visual Studio [英] how to log out of session MVC Razor visual studio

问题描述

我正在尝试从MVC Razor中的会话中注销，这是我目前在MainController中拥有的内容:

I'm trying to logout from a session in MVC Razor heres what I have in my MainController at the moment:

[HttpPost]
public ActionResult Login(Users user)
{
    if (ModelState.IsValid)
    {
        if (ValidateUser(user.Email, user.Password))
        {

            FormsAuthentication.SetAuthCookie(user.Email, false);
            return RedirectToAction("Index", "Members");
        }
        else
        {
            ModelState.AddModelError("", "");
        }
    }
    return View();
}

private bool ValidateUser(string Email, string Password)
{

    bool isValid = false;

    using (var db = new ShareRideDBEntities())
    {
        var User = db.tblProfiles.FirstOrDefault(u => u.PROF_Email == Email);
        var ut = db.tblProfilesTypes.FirstOrDefault(t => t.TPE_ID == User.PROF_UserType);

        if (User != null)
        {
            if (User.PROF_Password == Password)
            {
                Session["UserID"] = User.PROF_UserID;
                Session["Name"] = User.PROF_FirstName;
                Session["Email"] = User.PROF_Email;
                Session["FullName"] = User.PROF_FirstName + " " + User.PROF_LastName;

                isValid = true;
            }
        }

    }

    return isValid;
}

通过此操作，我可以登录用户并将其重新定向到他的UserCP或用户控制面板.

With this I can login the user and reditect it to his UserCP or user control panel.

我拥有它，以便如果用户未登录，他们将无法使用我的MembersController中的以下代码访问成员区域:

I have it so that if the user is not logged in, they will not be able to access the members area with this code in my MembersController:

public ActionResult UserCP()
{
    if (Session["UserID"] == null)
    {
        return RedirectToAction("Index", "Main");
    }
    else
    {
        return View();
    }

}

public ActionResult LogOut()
{
    FormsAuthentication.SignOut();
    return RedirectToAction("index", "main");
}

如果用户尚未登录，它将重定向到主索引页面，但是当我测试注销按钮时，它可以正常重定向我，但是我仍然可以返回到用户控制面板我不想发生的事情.

It will redirect the user back to the main index page if he/she is not logged in yet, but when I test the logout button it redirects me normally but I am still able to go back to the user control panel which is what I don't want to it happen.

我当然添加了

using System.Web.Security;

使用FormAuthentication.SignOut();

to use the FormAuthentication.SignOut();

如果有人能解释的话，谢谢.

Thanks in advance if anyone can explain this.

推荐答案

在FormsAuthentication.SignOut();之后，您需要调用

After FormsAuthentication.SignOut(); You need to call Session.Abandon() that will clear current session and recreate new session on the next request

public ActionResult LogOut()
{
    FormsAuthentication.SignOut();
    Session.Abandon(); // it will clear the session at the end of request
    return RedirectToAction("index", "main");
}

这篇关于如何注销会话MVC Razor Visual Studio的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！