I was first using the logout action that was automatically created by the Web Forms project in Visual Studio (I know Web Forms is outdated, but I need it for a legacy piece of code):
<asp:LoginStatus runat="server" LogoutAction="Redirect" LogoutText="Log out" LogoutPageUrl="~/" />
So I assume that what makes the user log out is the part LogoutAction="Redirect"
But in the tutorial I was looking at, the logout action would be done this way:
private void cmdLogout_Click(object sender, System.EventArgs e)
{
FormsAuthentication.SignOut();
Response.Redirect("~/", true);
}
Is there a difference between the two, or LogoutAction="Redirect"
does the same as FormsAuthentication.SignOut()
?
CodePudding user response:
LogoutAction
in combination with LogoutPageUrl
just tell the LoginStatus
control how to do the redirect in case the user clicks the logout menu item.
The LoginStatus
executes that same FormsAuthentication.SignOut()
, followed by a redirect which happens according to the specified settings.
See the source code.
private void LogoutClicked(object Source, CommandEventArgs e)
{
// ...
FormsAuthentication.SignOut();
switch (LogoutAction) {
// ...
case LogoutAction.Redirect:
string url = LogoutPageUrl;
if (!String.IsNullOrEmpty(url)) {
url = ResolveClientUrl(url);
}
else {
// Use FormsAuthentication.LoginUrl as a fallback
url = FormsAuthentication.LoginUrl;
}
Page.Response.Redirect(url, false);
break;
}
}