How to not allow the user to access the previous login / registration page after logging in or registering

Question

How to not allow the user to access the previous login / registration page after logging in or registering

Navigation

#1 by (1 votes)
#2 by (0 votes)

0

I'm developing an ASP.NET application and when the user logs in and clicks the browser button to go back he can access the login / registration page, even though I do the verification of the user's key logged in to the session. Here are the prints:
1 - I logged in

2-I'mloggedin,thesiteredirectsmetotheindexandIclickthebackbutton.

3-AfterthisIgobacktothelog/loginscreenwhichcannothappen:

Afterphoto3,ifIgobacktotheindex,Iamloggedinnormally,topreventthisIdidacheckinthecontrollercheckingiftheuserisloggedinornot,ifyesitgoesbacktotheindex,howeverwhentheuserclicksbackitlookslikethebrowserthatdoesthiscontrol.Ihaveseensitesthatdoesnotallowyoutogobackontheloginscreen,doesanyoneknowhowtosolvethis?Hereisthecheckinthecontroller:

publicActionResultLoginRegister(){if(Session["UserStatus"] != null)
        {
            return RedirectToAction("Index", "Home");
        }

        return View();

    }

    [HttpPost]
    public ActionResult LoginRegister(string fr,string t,string ReT)
    {
        if (Session["UserStatus"] != null)
        {
            return RedirectToAction("Index", "Home");
        }
        //Validação e outros processos.
    }

c# asp.net-mvc

asked by anonymous 20.06.2017 / 21:23

2 answers

0

Use the ActionFilterAttribute

First create a LoginFiltro class (for example):

public class LoginFiltro : ActionFilterAttribute
{
    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        object usuarioLogado = filterContext.HttpContext.Session["Nome"];

        if (usuarioLogado == null)
        {
            filterContext.Result = new RedirectToRouteResult(
                      new RouteValueDictionary(
                          new { action = "Index", controller = "Login" }));
        }
    }
}

that checks whether the user is logged in or not. If not, it will be redirected to the Controller Login.

No Controller

Then "decorate" the controllers you want to have this login control with:

[LoginFiltro]

that will stay above the Controller name.

20.06.2017 / 21:36

Check if field contains a date accent problem in the bank

score 1 · Accepted Answer

Just add in the login page builder to not cache, I believe this will solve your problem.

For .NET 4x.

[OutputCache(NoStore = true, Duration = 0)]
public ActionResult LoginRegister()
    {
        if (Session["UserStatus"] != null)
        {
            return RedirectToAction("Index", "Home");
        }

        return View();

    }

For .net core use:

[ResponseCache(NoStore = true, Duration = 0)]
 public ActionResult LoginRegister()
        {
            if (Session["UserStatus"] != null)
            {
                return RedirectToAction("Index", "Home");
            }

            return View();

        }