How to reload the page using Express?

Question

I am working on the logout part of my website and I am using JWT for authentication and using cookies to send the JWT for client side.

For logging out I am passing some dummy token value with the same token name so that it over rides the previous token. But when I log out of the portal, I am still able to access my dashboard. There is some glitch in the logout functionality. I guess it is due to the browser cache.

I have few questions regarding Express.

1. Are there any ways to reload the current page using Express and delete the browser cache while doing so?

2. I need to disable the browser forward option of chrome once the user is logged out, how can I achieve this using express?

3. How to redirect the user to his dashboard when he tries to hit '/login' or '/signup' route when he is already logged in? I am using the JWT authentication for login

Thanks in advance

Answer 1

Are there any ways to reload the current page using Express and delete the browser cache while doing so?

The server can't, on its own, tell the browser what to do. The browser has to initiate communications and then act on that communications.

You could have the web page in the browser reload its own page using Javascript with window.location.reload(true) at any time. If you want the web page Javascript to be told when to do this by the server, it could either send regular Ajax calls to the server and, based on the response, decide when to reload the page. Or, it could have a webSocket connection to the server and the server could send the web page some data that, when the web page received that data, it would see that it should reload its page.

We could help you better if you told us what the real problem was here. Web pages can use Javascript and/or webSocket connections to dynamically update themselves rather than just reload all the time. That's a more modern design.

I need to disable the browser forward option of chrome once the user is logged out, how can I achieve this using express?

There's a discussion of disabling the forward button here: HTML5 history disabling forward button. You will probably find this is a brute force approach (it involves getting rid of browser history) and there is likely a much better way to solve whatever real problem you're trying to solve. It also sounds like you may also want to manage browser cache expiration too.

How to redirect the user to his dashboard when he tries to hit '/login' or '/signup' route when he is already logged in? I am using the JWT authentication for login

When you detect a request to '/login' or '/signup' in Express from a user who is already logged in, you just respond with a res.redirect("/dashboard") from your server. FYI, there are lots of questions about whether this is the proper user experience. A user going to '/login' or '/signup' when they are already signed in could have any one of these use cases:

1. They don't realize they are already signed in or they don't know if they are signed in as the desired user.
2. They want to sign in as a different user.
3. They want to create a new account (different from what is currently logged in).
4. They are trying to figure out how to log out.

You should make sure that blind redirecting (and not taking the user to the page they asked to go to) still makes all these use cases entirely clear. If not, you will just frustrate the user by not taking them where they asked to go.