如何在注销时清除会话

发布于 2024-07-10 15:03:41 字数 159 浏览 9 评论 0原文

当用户单击注销时,我将用户重定向到登录页面,但我不认为它会清除任何应用程序或会话,因为当用户重新登录时,所有数据都会保留。

当前登录页面有一个登录控件,并且后面的代码该页面仅连接登录验证。

有人可以指导我阅读有关处理 ASP.NET 网站登录和注销的优秀教程或文章吗?

I redirect the user to the login page when user click log out however I don't think it clears any application or session because all the data persisted when the user logs back in.

Currently the login page has a login control and the code behind on the page is only wired up the login Authenticate.

Can someone direct me to a good tutorial or article about handling log in and out of ASP.NET web sites?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(10

孤独难免 2024-07-17 15:03:42

我希望 Session.Abandon()

Session.Clear() 不会导致 End 触发,并且来自客户端的进一步请求不会引发 Session Start 事件。

I would prefer Session.Abandon()

Session.Clear() will not cause End to fire and further requests from the client will not raise the Session Start event.

若言繁花未落 2024-07-17 15:03:42

Session.Abandon() 销毁会话并触发 Session_OnEnd 事件。

Session.Clear() 只是从对象中删除所有值(内容)。 具有相同密钥的会话仍然活动

因此,如果您使用 Session.Abandon(),您将丢失该特定会话,并且用户将获得一个新的会话密钥。 例如,当用户注销时,您可以使用它。

如果您希望用户保留在同一会话中(例如,如果您不希望他重新登录)并重置其所有会话特定数据,请使用 Session.Clear() 。

Session.Abandon() destroys the session and the Session_OnEnd event is triggered.

Session.Clear() just removes all values (content) from the Object. The session with the same key is still alive.

So, if you use Session.Abandon(), you lose that specific session and the user will get a new session key. You could use it for example when the user logs out.

Use Session.Clear(), if you want that the user remaining in the same session (if you don't want him to relogin for example) and reset all his session specific data.

红颜悴 2024-07-17 15:03:42

.NET core 的清除会话的方式略有不同。 没有 Abandon() 函数。

ASP.NET Core 1.0 或更高版本

//Removes all entries from the current session, if any. The session cookie is not removed.
HttpContext.Session.Clear()

在此处查看 api 参考

.NET Framework 4.5 或更高版本

//Removes all keys and values from the session-state collection.
HttpContext.Current.Session.Clear(); 

//Cancels the current session.
HttpContext.Current.Session.Abandon();

在此处查看 api 参考

The way of clearing the session is a little different for .NET core. There is no Abandon() function.

ASP.NET Core 1.0 or later

//Removes all entries from the current session, if any. The session cookie is not removed.
HttpContext.Session.Clear()

See api Reference here

.NET Framework 4.5 or later

//Removes all keys and values from the session-state collection.
HttpContext.Current.Session.Clear(); 

//Cancels the current session.
HttpContext.Current.Session.Abandon();

See api Reference here

青巷忧颜 2024-07-17 15:03:42
<script runat="server">  
    protected void Page_Load(object sender, System.EventArgs e) {  
        Session["FavoriteSoftware"] = "Adobe ColdFusion";  
        Label1.Text = "Session read...<br />";  
        Label1.Text += "Favorite Software : " + Session["FavoriteSoftware"];  
        Label1.Text += "<br />SessionID : " + Session.SessionID;  
        Label1.Text += "<br> Now clear the current session data.";  
        Session.Clear();  
        Label1.Text += "<br /><br />SessionID : " + Session.SessionID;  
        Label1.Text += "<br />Favorite Software[after clear]: " + Session["FavoriteSoftware"];  
    }  
</script>  



<html xmlns="http://www.w3.org/1999/xhtml">  
<head id="Head1" runat="server">  
    <title>asp.net session Clear example: how to clear the current session data (remove all the session items)</title>  
</head>  
<body>  
    <form id="form1" runat="server">  
    <div>  
        <h2 style="color:Teal">asp.net session example: Session Clear</h2>  
        <asp:Label   
            ID="Label1"   
            runat="server"   
            Font-Size="Large"  
            ForeColor="DarkMagenta"  
            >  
        </asp:Label>  
    </div>  
    </form>  
</body>  
</html>  
<script runat="server">  
    protected void Page_Load(object sender, System.EventArgs e) {  
        Session["FavoriteSoftware"] = "Adobe ColdFusion";  
        Label1.Text = "Session read...<br />";  
        Label1.Text += "Favorite Software : " + Session["FavoriteSoftware"];  
        Label1.Text += "<br />SessionID : " + Session.SessionID;  
        Label1.Text += "<br> Now clear the current session data.";  
        Session.Clear();  
        Label1.Text += "<br /><br />SessionID : " + Session.SessionID;  
        Label1.Text += "<br />Favorite Software[after clear]: " + Session["FavoriteSoftware"];  
    }  
</script>  



<html xmlns="http://www.w3.org/1999/xhtml">  
<head id="Head1" runat="server">  
    <title>asp.net session Clear example: how to clear the current session data (remove all the session items)</title>  
</head>  
<body>  
    <form id="form1" runat="server">  
    <div>  
        <h2 style="color:Teal">asp.net session example: Session Clear</h2>  
        <asp:Label   
            ID="Label1"   
            runat="server"   
            Font-Size="Large"  
            ForeColor="DarkMagenta"  
            >  
        </asp:Label>  
    </div>  
    </form>  
</body>  
</html>  
黒涩兲箜 2024-07-17 15:03:42

session.abandon() 不会从浏览器中删除 sessionID cookie。 因此,此后的任何新请求都将采用相同的会话 ID。
因此,使用 Response.Cookies.Add(new HttpCookie("ASP.NET_SessionId", "")); 在 session.abandon() 之后。

session.abandon() will not remove the sessionID cookie from the browser. Therefore any new requests after this will take the same session ID.
Hence, use Response.Cookies.Add(new HttpCookie("ASP.NET_SessionId", "")); after session.abandon().

清欢 2024-07-17 15:03:42

对于.Net核心

[HttpPost]
    public IActionResult Logout()
    {
        try
        {
            CookieOptions option = new CookieOptions();
            if (Request.Cookies[AllSessionKeys.AuthenticationToken] != null)
            {
                option.Expires = DateTime.Now.AddDays(-1);
                Response.Cookies.Append(AllSessionKeys.AuthenticationToken, "", option);
            }

            HttpContext.Session.Clear();
            return RedirectToAction("Login", "Portal");
        }
        catch (Exception)
        {
            throw;
        }
    }

for .Net core

[HttpPost]
    public IActionResult Logout()
    {
        try
        {
            CookieOptions option = new CookieOptions();
            if (Request.Cookies[AllSessionKeys.AuthenticationToken] != null)
            {
                option.Expires = DateTime.Now.AddDays(-1);
                Response.Cookies.Append(AllSessionKeys.AuthenticationToken, "", option);
            }

            HttpContext.Session.Clear();
            return RedirectToAction("Login", "Portal");
        }
        catch (Exception)
        {
            throw;
        }
    }
眉目亦如画i 2024-07-17 15:03:42

会话.Clear();

Session.Clear();

小帐篷 2024-07-17 15:03:42

转到项目中的文件 Global.asax.cs 并添加以下代码。

    protected void Application_BeginRequest()
    {
        Response.Cache.SetCacheability(HttpCacheability.NoCache);
        Response.Cache.SetExpires(DateTime.Now.AddHours(-1));
        Response.Cache.SetNoStore();
    }

它对我有用..!
参考链接
清除注销 MVC 4 上的会话

Go to file Global.asax.cs in your project and add the following code.

    protected void Application_BeginRequest()
    {
        Response.Cache.SetCacheability(HttpCacheability.NoCache);
        Response.Cache.SetExpires(DateTime.Now.AddHours(-1));
        Response.Cache.SetNoStore();
    }

It worked for me..!
Reference link
Clear session on Logout MVC 4

左耳近心 2024-07-17 15:03:41

我使用以下方法清除会话并清除 aspnet_sessionID

HttpContext.Current.Session.Clear();
HttpContext.Current.Session.Abandon();
HttpContext.Current.Response.Cookies.Add(new HttpCookie("ASP.NET_SessionId", ""));

I use following to clear session and clear aspnet_sessionID:

HttpContext.Current.Session.Clear();
HttpContext.Current.Session.Abandon();
HttpContext.Current.Response.Cookies.Add(new HttpCookie("ASP.NET_SessionId", ""));
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文