4

I'm trying to sign out a user when a session object don't exist with following code in my View:

FormsAuthentication.SignOut();

But this doesn't work - the user is already authenticated.

I've seen that the default LogOff Controller Action use this code to signout a user:

AuthenticationManager.SignOut();

But I can't use this code in my view.

So how can I logout a user in my View? Or when it's not possible how can I do this in a Controller?

Thanks for help :)

Improve this question
5
  • The default LogOff action (or a copy) simply needs to be called. This can be a javasript call or an actual a link. Commented Dec 20, 2013 at 17:36
  • When I call this in my Controller "RedirectToAction("LogOff", "Account");" so my user is allready authenticatet. Commented Dec 20, 2013 at 17:45
  • 1
    You keep saying...the user is already authenticated. What does that mean? Of course they are, you are wanting to "unauthenticate" them. Also, the sign out will not be "noticed" by your code until a new request is made by the user. Meaning, if you call AuthenticationManager.SignOut(); and on the next line have User.Identity.IsAuthenticated; - it will still show true. Commented Dec 20, 2013 at 18:03
  • @Tommy Okay .. thats a good hint. So how can I set IsAuthenticated to false? User.Identity.IsAuthenticated = false; - don't work .. it's readonly Commented Dec 20, 2013 at 18:09
  • 1
    You have to redirect the user or somehow issue a new request to the server. Call SignOut();, redirect somewhere else. That issues a new request (which the client will send the updated cookies the just received from the previous request, the one you signed them out in) and the updated authentication status will then be available. Commented Dec 20, 2013 at 18:12

1 Answer 1

Reset to default
3

You would be doing this in a controller, for instance in a separate action like LogOut(). After you've done your logout, redirect the user to the front page (for instance).

Then you simply make a link to that action.

The view is not a place to contain anything but purely simple presentational logic, like if statements or for loops. Controllers should take care of application behaviour like logging out.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I have supposed something like this, but how I do this when this function "FormsAuthentication.SignOut()" is not working and with this function "AuthenticationManager.SignOut()" I get an error that AuthenticationManager does't include an implementation for this function?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.