Hi RichardSa,
On the Logout page, set Response.Cache.SetCacheability and SetExpires.
Please refer to the sample below.
HTML
Login
<!-- Login form: the Login button posts back to the ValidateUser handler. -->
<div class="row">
<div class="col-sm-5">
<div class="container-fluid">
<br />
<h2 class="form-signin-heading">LOGIN</h2>
<!-- Error banner: starts hidden (visible="false") and is shown by the code-behind when it sets lblMessage. -->
<div id="dvMessage" runat="server" visible="false" class="alert alert-danger">
<strong><i class="fad fa-exclamation-square" aria-hidden="true"></i> </strong>
<asp:Label ID="lblMessage" runat="server" />
</div>
<label for="txtUsername">UserName</label>
<asp:TextBox ID="txtUsername" runat="server" CssClass="form-control" Font-Size="11pt" placeholder="UserName" Width="30%" /><br />
<br />
<label for="txtPassword">Password</label>
<!-- TextMode="Password" renders a masked input; the value still travels in the form post, so serve this page over HTTPS. -->
<asp:TextBox ID="txtPassword" runat="server" TextMode="Password" CssClass="form-control" Font-Size="11pt" placeholder="Password" /><br />
<a href="#">Forgotten Password?</a>
<br />
<br />
<asp:Button ID="Button1" runat="server" CssClass="btn btn-primary" BackColor="#32657c" Text="Login" OnClick="ValidateUser" />
<br />
<br />
</div>
<br />
</div>
</div>
Home
<!-- Home page: lblMessage receives the welcome text in Page_Load; the Logout link posts back to Logout_Command. -->
<h1>Home</h1>
<asp:Label ID="lblMessage" runat="server"></asp:Label>
<hr />
<asp:LinkButton ID="lnkLogout" runat="server" Text="Logout" Font-Size="11pt" ForeColor="red" OnCommand="Logout_Command"></asp:LinkButton>
Web.Config
Write the code below inside the system.web section.
<!-- Forms authentication: unauthenticated requests are sent to Login.aspx; Home.aspx is the default page after sign-in. -->
<authentication mode="Forms">
<!-- timeout is in minutes: 2880 = 48 hours, and slidingExpiration renews the ticket on activity.
     Review: a ticket this long-lived stays usable on a shared machine; prefer a shorter timeout,
     and set requireSSL="true" when the site is served over HTTPS so the cookie is never sent in clear. -->
<forms cookieless="UseCookies" defaultUrl="~/Home.aspx" loginUrl="~/Login.aspx" slidingExpiration="true" timeout="2880"></forms>
</authentication>
<authorization>
<!-- "?" means anonymous users: every page in this scope requires a signed-in user. -->
<deny users="?"/>
</authorization>
Namespaces
Login
using System.IO;
using System.Text;
using System.Data;
using System.Web.Security;
using System.Configuration;
using System.Data.SqlClient;
using System.Security.Cryptography;
Home
using System.Web.Security;
using System.Web.Configuration;
Code
Login
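/// <summary>
/// Click handler for the Login button: checks the submitted credentials against
/// Login_User, records the login time, and issues the forms-authentication ticket.
/// </summary>
/// <param name="sender">The button that raised the event.</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// Review notes:
/// - The password is compared as the output of <c>Encrypt</c>, so the table holds
///   recoverable passwords. A salted one-way hash is the appropriate storage format;
///   switching requires migrating the stored values, so it is not done here.
/// - The password is trimmed before comparison, as in the original. Leading/trailing
///   spaces are therefore not part of the password; registration must trim the same way.
/// - The earlier version re-ran the Uid lookup under an "account has been activated"
///   comment and then repeated the credential query. Neither query consulted any
///   activation column, so neither could reject a row that had just matched. If the
///   table has an activation flag, test it after the credential check and report it
///   to the user there.
/// </remarks>
protected void ValidateUser(object sender, EventArgs e)
{
    // Guard clause; || short-circuits where the original '&' evaluated both sides.
    if (string.IsNullOrEmpty(txtUsername.Text) || string.IsNullOrEmpty(txtPassword.Text))
    {
        ShowLoginError("All Fields are Required", false);
        return;
    }

    string constring = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
    string userId;

    // One connection for the whole request instead of an Open/Close pair per command;
    // the using block closes it on every path, including exceptions.
    using (SqlConnection con = new SqlConnection(constring))
    {
        con.Open();

        // Parameterized lookup: user input never becomes part of the SQL text.
        using (SqlCommand cmd = new SqlCommand("SELECT Uid FROM Login_User WHERE Username = @Username AND Password = @Password", con))
        {
            cmd.Parameters.AddWithValue("@Username", txtUsername.Text.Trim());
            cmd.Parameters.AddWithValue("@Password", Encrypt(txtPassword.Text.Trim()));
            // Convert.ToString yields "" when no row matched (ExecuteScalar returned null).
            userId = Convert.ToString(cmd.ExecuteScalar());
        }

        if (string.IsNullOrEmpty(userId))
        {
            // Same message for an unknown user and a wrong password, so the response
            // does not reveal which usernames exist.
            ShowLoginError("Invalid Login Details", true);
            return;
        }

        // NOTE(review): the session that existed before sign-in is reused as the
        // authenticated session; consider issuing a fresh session ID at login.
        Session["user"] = userId;

        // ExecuteScalar returns only the first column, i.e. the previous LastLogin value.
        using (SqlCommand cmd3 = new SqlCommand("SELECT LastLogin, IsActive from Login_User WHERE Uid = @Uid", con))
        {
            cmd3.Parameters.AddWithValue("@Uid", userId);
            Session["LastLogin"] = cmd3.ExecuteScalar();
        }

        string updateLog = @"UPDATE Login_User SET LastLogin=@dateandtime, IsActive=@IsActive WHERE Uid = @Uid";
        using (SqlCommand cmd4 = new SqlCommand(updateLog, con))
        {
            cmd4.Parameters.AddWithValue("@dateandtime", DateTime.UtcNow);
            cmd4.Parameters.AddWithValue("@IsActive", "1");
            cmd4.Parameters.AddWithValue("@Uid", userId);
            cmd4.ExecuteNonQuery();
        }
    }

    // The second argument (true) issues a persistent cookie that outlives the browser
    // session. Review: pass false unless the form offers an explicit "remember me" choice.
    FormsAuthentication.RedirectFromLoginPage(userId, true);
}

// Shows a login error in the alert banner; optionally clears and refocuses the password box.
private void ShowLoginError(string message, bool resetPassword)
{
    dvMessage.Visible = true;
    lblMessage.Visible = true;
    lblMessage.ForeColor = System.Drawing.Color.Red;
    lblMessage.Text = message;
    if (resetPassword)
    {
        txtPassword.Text = "";
        txtPassword.Focus();
    }
}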
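/// <summary>
/// Encrypts <paramref name="clearText"/> with AES and returns the ciphertext as a Base64 string.
/// </summary>
/// <param name="clearText">Text to encrypt; it is encoded as UTF-16 (Encoding.Unicode) first.</param>
/// <returns>Base64 encoding of the ciphertext.</returns>
/// <remarks>
/// The output is kept byte-for-byte compatible with values already stored, because the
/// login query matches on this string.
/// Security review:
/// - The key material and salt are constants in source, and the IV is derived from them,
///   so equal inputs always produce equal ciphertexts and anyone with the code can decrypt.
/// - For password storage this should be replaced by a salted one-way hash (a per-user
///   random salt with a high-iteration key-derivation function) verified with a
///   constant-time comparison. That change needs a migration of the stored values.
/// </remarks>
private string Encrypt(string clearText)
{
    // NOTE(review): hard-coded secret; move to protected configuration when this scheme is replaced.
    string encryptionKey = "MAKV2SPBNI99212";
    byte[] salt = new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 };
    byte[] clearBytes = Encoding.Unicode.GetBytes(clearText);

    // Rfc2898DeriveBytes and the encryptor transform are IDisposable; the original leaked both.
    using (Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(encryptionKey, salt))
    using (Aes encryptor = Aes.Create())
    {
        // Order matters: the first 32 derived bytes are the key, the next 16 the IV.
        encryptor.Key = pdb.GetBytes(32);
        encryptor.IV = pdb.GetBytes(16);

        using (MemoryStream ms = new MemoryStream())
        {
            using (ICryptoTransform transform = encryptor.CreateEncryptor())
            using (CryptoStream cs = new CryptoStream(ms, transform, CryptoStreamMode.Write))
            {
                cs.Write(clearBytes, 0, clearBytes.Length);
            }
            // Disposing the CryptoStream flushed the final padded block; ToArray still
            // works on the closed MemoryStream.
            return Convert.ToBase64String(ms.ToArray());
        }
    }
}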
Home
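/// <summary>
/// Shows the welcome text for the signed-in user and marks the response as non-cacheable,
/// so the browser does not redisplay this page from its cache after logout.
/// </summary>
/// <param name="sender">The page raising the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (this.Page.User.Identity.IsAuthenticated)
    {
        // The forms ticket can outlive the session, and Session["user"] is then null;
        // the original dereferenced it and threw. Identity.Name carries the same value
        // the login page passed to RedirectFromLoginPage.
        object user = Session["user"] ?? this.Page.User.Identity.Name;
        lblMessage.Text = "Welcome:" + user;
    }

    // These headers apply to this response only. Every page that requires sign-in needs
    // the same treatment (for example in a shared base page or master page), otherwise
    // the Back button can still show a cached copy of the pages that lack them.
    Response.Cache.SetCacheability(HttpCacheability.NoCache);
    Response.Cache.SetExpires(DateTime.Now.AddSeconds(-1));
    Response.Cache.SetNoStore();
    Response.AppendHeader("Pragma", "no-cache");
}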
/// <summary>
/// Handles the Logout link: removes the forms-authentication ticket, abandons the
/// session, and sends the browser to the login page.
/// </summary>
/// <param name="sender">The link button that raised the command.</param>
/// <param name="e">Command data (unused).</param>
protected void Logout_Command(Object sender, CommandEventArgs e)
{
    bool signedIn = this.Page.User.Identity.IsAuthenticated;
    if (!signedIn)
    {
        // Nothing to sign out of.
        return;
    }

    // SignOut removes the authentication cookie from the browser.
    // NOTE(review): a copy of the ticket captured earlier presumably stays valid until
    // it expires - confirm, and keep the forms timeout short.
    FormsAuthentication.SignOut();

    // Discards the server-side session state (Session["user"], Session["LastLogin"]).
    Session.Abandon();

    FormsAuthentication.RedirectToLoginPage();
}
Screenshot