I am creating a authentication using node JS and express ,when user logout i destroyed the session ,but the problem is while pressing browser back button it goes to the secured page,how to prevent it .When visiting the secured page directly through the URL, its fine, it redirect to login page if not login
CodePudding user response:
This is probably your browser caching data. You should set your server to respond with the header Cache-Control: no-store, no-cache If you want to go a step further you can use the nocache middleware created by the same team that has created helmet