Support us .Net Basics C# SQL ASP.NET Aarvi MVC Slides C# Programs Subscribe Download

Show or hide login and logout links based on login status in asp.net core

Suggested Videos
Part 66 - Register new user using asp.net core identity | Text | Slides
Part 67 - ASP.NET Core Identity UserManager and SignInManager | Text | Slides
Part 68 - ASP.NET core identity password complexity | Text | Slides

In this video we will discuss
  • How to show or hide LOGIN, LOGOUT and REGISTER links based on whether the user is logged in or not. 
  • Implementing LOGOUT feature in ASP.NET core.

If the user is not logged-in, display Login and Register links.

asp.net core show or hide login and logout links


If the user is logged-in, hide Login and Register links and display Logout link.

how to logout a user in asp.net core

Inject SignInManager, so we could check if the user is signed-in

@using Microsoft.AspNetCore.Identity
@inject SignInManager<IdentityUser> SignInManager

<div class="collapse navbar-collapse" id="collapsibleNavbar">
    <ul class="navbar-nav ml-auto">
        @*If the user is signed-in display Logout link*@
        @if (SignInManager.IsSignedIn(User))
        {
            <li class="nav-item">
                <form method="post" asp-controller="account" asp-action="logout">
                    <button type="submit" style="width:auto"
                            class="nav-link btn btn-link py-0">
                        Logout @User.Identity.Name
                    </button>
                </form>
            </li>
        }
        else
        {
            <li class="nav-item">
                <a class="nav-link" asp-controller="account" asp-action="register">
                    Register
                </a>
            </li>
            <li class="nav-item">
                <a class="nav-link" asp-controller="account" asp-action="login">
                    Login
                </a>
            </li>
        }
    </ul>
</div>

Use a POST request to log the user out. Using a GET request to log out the user is not recommended because the approach may be abused. A malicious user may trick you into clicking an image element where the src attribute is set to the application logout url. As a result you are unknowingly logged out.

Logout user in asp.net core

public class AccountController : Controller
{
    private readonly SignInManager<IdentityUser> signInManager;

    public AccountController(SignInManager<IdentityUser> signInManager)
    {
        this.signInManager = signInManager;
    }

    [HttpPost]
    public async Task<IActionResult> Logout()
    {
        await signInManager.SignOutAsync();
        return RedirectToAction("index", "home");
    }
}

asp.net core tutorial for beginners

6 comments:

  1. Hello Vekant,

    Thanks for all the wonderful sessions. You are very good teacher, using your aspnet core video i learned lot of concepts.

    I am facing issue for Login using Identity. SignIn result is successfull but i am getting null value for '@User.Identity.Name'on _Layout page where check whether user is login or not. Code was working fine suddenly it stops working. I have written all code as per your videos. Only change is AspNet Core version is 3.1.7

    Can you please help on this.

    Thanks & Regards
    Milind Nikam

    ReplyDelete
    Replies
    1. you should
      app.UseAuthentication();
      in startup.cs File

      Delete
    2. Hi, it works in asp.net core 2.2, but has the same issue after asp.net 3.1. Please add this code in the startup.cs

      app.UseAuthentication();
      app.UseAuthorization();

      Delete
  2. await signInManager.SignInAsync(user, isPersistent: false);
    Console.WriteLine(signInManager.IsSignedIn(User));
    Always returns false. In my layout view, the if statement to hide the login and register link never goes away. The user is registered in the database.
    I am using .net cor 3.1 and you must reload the page after register so the logout will be shown, is this a problem? how to fix it?

    ReplyDelete
    Replies
    1. (use Redirect instead simple return)
      this works for me:
      var result2 = await _signInManager.PasswordSignInAsync(
      _theemail, _thepassword, false, false);
      if (result2.Succeeded) {
      //return View("../Home/Index");
      return Redirect("../Home/Index");
      }

      Delete
  3. How to prevent browser back button after logout?

    ReplyDelete

It would be great if you can help share these free resources