Suggested Videos
Part 66 - Register new user using asp.net core identity | Text | Slides
Part 67 - ASP.NET Core Identity UserManager and SignInManager | Text | Slides
Part 68 - ASP.NET core identity password complexity | Text | Slides
In this video we will discuss
If the user is not logged-in, display Login and Register links.
If the user is logged-in, hide Login and Register links and display Logout link.
Inject SignInManager, so we could check if the user is signed-in
Use a POST request to log the user out. Using a GET request to log out the user is not recommended because the approach may be abused. A malicious user may trick you into clicking an image element where the src attribute is set to the application logout url. As a result you are unknowingly logged out.
Logout user in asp.net core
Part 66 - Register new user using asp.net core identity | Text | Slides
Part 67 - ASP.NET Core Identity UserManager and SignInManager | Text | Slides
Part 68 - ASP.NET core identity password complexity | Text | Slides
In this video we will discuss
- How to show or hide LOGIN, LOGOUT and REGISTER links based on whether the user is logged in or not.
- Implementing LOGOUT feature in ASP.NET core.
If the user is not logged-in, display Login and Register links.
If the user is logged-in, hide Login and Register links and display Logout link.
Inject SignInManager, so we could check if the user is signed-in
@using Microsoft.AspNetCore.Identity
@inject
SignInManager<IdentityUser> SignInManager
<div class="collapse navbar-collapse" id="collapsibleNavbar">
<ul class="navbar-nav ml-auto">
@*If the user is
signed-in display Logout link*@
@if (SignInManager.IsSignedIn(User))
{
<li class="nav-item">
<form method="post" asp-controller="account" asp-action="logout">
<button type="submit" style="width:auto"
class="nav-link btn btn-link
py-0">
Logout @User.Identity.Name
</button>
</form>
</li>
}
else
{
<li class="nav-item">
<a class="nav-link" asp-controller="account" asp-action="register">
Register
</a>
</li>
<li class="nav-item">
<a class="nav-link" asp-controller="account" asp-action="login">
Login
</a>
</li>
}
</ul>
</div>
Use a POST request to log the user out. Using a GET request to log out the user is not recommended because the approach may be abused. A malicious user may trick you into clicking an image element where the src attribute is set to the application logout url. As a result you are unknowingly logged out.
Logout user in asp.net core
public class AccountController : Controller
{
private readonly SignInManager<IdentityUser> signInManager;
public AccountController(SignInManager<IdentityUser>
signInManager)
{
this.signInManager = signInManager;
}
[HttpPost]
public async
Task<IActionResult> Logout()
{
await signInManager.SignOutAsync();
return RedirectToAction("index", "home");
}
}
Hello Vekant,
ReplyDeleteThanks for all the wonderful sessions. You are very good teacher, using your aspnet core video i learned lot of concepts.
I am facing issue for Login using Identity. SignIn result is successfull but i am getting null value for '@User.Identity.Name'on _Layout page where check whether user is login or not. Code was working fine suddenly it stops working. I have written all code as per your videos. Only change is AspNet Core version is 3.1.7
Can you please help on this.
Thanks & Regards
Milind Nikam
you should
Deleteapp.UseAuthentication();
in startup.cs File
Hi, it works in asp.net core 2.2, but has the same issue after asp.net 3.1. Please add this code in the startup.cs
Deleteapp.UseAuthentication();
app.UseAuthorization();
await signInManager.SignInAsync(user, isPersistent: false);
ReplyDeleteConsole.WriteLine(signInManager.IsSignedIn(User));
Always returns false. In my layout view, the if statement to hide the login and register link never goes away. The user is registered in the database.
I am using .net cor 3.1 and you must reload the page after register so the logout will be shown, is this a problem? how to fix it?
(use Redirect instead simple return)
Deletethis works for me:
var result2 = await _signInManager.PasswordSignInAsync(
_theemail, _thepassword, false, false);
if (result2.Succeeded) {
//return View("../Home/Index");
return Redirect("../Home/Index");
}
How to prevent browser back button after logout?
ReplyDelete