Hi all,
In my web application, after logging out, if Back button of the browser
is clicked, it takes to the previous logged in pages and allows all
operations without logging in. The layout, however, doesn’t change, but
the yield pages.
Please help me prevent that back button operation after logout. Given
below is my logout controller. #Controller
def logout
if session[:admin] || session[:user]
reset_session
flash[:notice] = ‘Logged out successfully’
redirect_to :controller => ‘homes’, :action => ‘index’
else
flash[:error] = ‘Not logged in’
end
end
You can add a before_filter to your controllers to ensure that the user
is logged in.
I use restful authentication (that provides the login_required method),
and I let anyone see the index listing of a table, or a show of any
individual record, but create, update, new, delete, etc, are all locked
behind a logged in session.
You can add a before_filter to your controllers to ensure that the user
is logged in.
I use restful authentication (that provides the login_required method),
and I let anyone see the index listing of a table, or a show of any
individual record, but create, update, new, delete, etc, are all locked
behind a logged in session.