Back button works even after logout - How to prevent?

Hi all,
In my web application, after logging out, if Back button of the browser
is clicked, it takes to the previous logged in pages and allows all
operations without logging in. The layout, however, doesn’t change, but
the yield pages.

Please help me prevent that back button operation after logout. Given
below is my logout controller.
#Controller
def logout
if session[:admin] || session[:user]
reset_session
flash[:notice] = ‘Logged out successfully’
redirect_to :controller => ‘homes’, :action => ‘index’
else
flash[:error] = ‘Not logged in’
end
end

Your prompt response is appreciated.

You can add a before_filter to your controllers to ensure that the user
is logged in.

I use restful authentication (that provides the login_required method),
and I let anyone see the index listing of a table, or a show of any
individual record, but create, update, new, delete, etc, are all locked
behind a logged in session.

before_filter :login_required, :except => [:index, :show]

You need to
Protect all of your controllers with a before filter that redirects to
login unless they’re logged in.

Sent from my iPhone

On 29/01/2009, at 4:39 PM, Tony P.
<[email protected]

Julian L. wrote:

You need to
Protect all of your controllers with a before filter that redirects to
login unless they’re logged in.

Sent from my iPhone

On 29/01/2009, at 4:39 PM, Tony P.
<[email protected]

Thank you very much… Julian.

Ar Chron wrote:

You can add a before_filter to your controllers to ensure that the user
is logged in.

I use restful authentication (that provides the login_required method),
and I let anyone see the index listing of a table, or a show of any
individual record, but create, update, new, delete, etc, are all locked
behind a logged in session.

before_filter :login_required, :except => [:index, :show]

Thank you very much… Chron. It was very helpful.