Cookies logout razor remove

Question

I have an asp application and i need to remove all current session's cookies in the action of logout:

 public ActionResult Logout()
        {
            Upload.Models.CompteModels.Connected = false;
            return RedirectToAction("Login", "Account");
         }

Now i use a static class CompteModels with a boolean to test if the user is authentifying or not but it's not efficent. so i think that i have to remove all cookies when i logout.

How can i do it?

Answer 1

You could create a session variable called LoggedIn or something similar and just clear this in your logout action. Then in your Login action you need to check for this session.

 public ActionResult Logout()
 {
    Upload.Models.CompteModels.Connected = false;
    Session.Remove("LoggedIn");
    return RedirectToAction("Login", "Account");
 }

 public ActionResult Login()
 {
    // check for session var, redirect to landing page maybe?
    if(Session["LoggedIn"] == null) 
    {
       RedirectToAction("Home", "Index");
    }
    else
    {
       Session.Add("LoggedIn", true);
    }
    return RedirectToAction("TargetPage", "TargetAction");
 }

Just one idea, depends on where you want users to be redirected to and such, TargetPage could be an admin area or something similar.

Answer 2

If you mean drop session data and remove the sessions cookies see here for how to do it.

Answer 3

A static property is shared across all users, so using a static property to determine if a user is logged in will not work correctly, as this would log out all users, or log them in.

You can abandon the session using Session.Abandon or remove a cookie using the HttpResponse.Cookies collection, and write a cookie to it that is expired.