2

When the logged-in user clicks on the browser back button, he falls back to the login page from the main page he entered. And this happens without being routed in any way and running the controller functions because the browser's cache is loaded. I tried to clean all cache via middleware, but it didn't happen. Then, if the user tries to fill in his information from the login page and enter again, 419 page expired error is coming. I tried to do this with session checking method. I gave a key to the session, but the controller didn't recognize the key in the session because it didn't work. I looked through the history library (history.js) but couldn't find the solution as I wanted. My aim was to log out when the user presses the browser back button and show a box like Are you sure you want to exit, and then allow him to log in again. unfortunately, I couldn't do this in laravel I really need help and I can't find solution I think it can be done with AJAX or JS but I'm not sure. I am suffering from this situation for days. Your help will be rewarded. Thank you to everyone who has already read.

Doctor starter
  • 35
  • 2
  • 9
  • 2
    This is kind of the user's fault really IMO - if they log in and then immediately press back, what were they thinking? What were they trying to achieve. Probably if they press forward again they'd be ok instead of trying to log in again. It's an unfortunate side effect of the way the web works, but I doubt it would happen much in reality and I'm not sure you should worry about it. If it was easily solveable it would probably be built into the authentication module already – ADyson Jul 29 '21 at 20:11
  • You are right, when they press forward, they would ok but I check out some websites that use PHP, and websites already had this system which is on my mind. @ADyson – Doctor starter Jul 29 '21 at 20:30
  • 1
    You mean they actually log you out in that situation? Or they just don't crash if you try to repeat the login process? Those are two slightly different things. Have you got a link to such a site? – ADyson Jul 29 '21 at 22:36
  • Log out is probably safer. In that way, they don't crash if try to repeat the login. How can I do that? The website is with edu extension so just students could loggin. That is why you can't loggin. @ADyson – Doctor starter Jul 30 '21 at 08:43
  • 1
    No I was asking you what the edu site you found actually does. Does it really log you out automatically when you press back? Or does it actually just simply not crash if you end up submitting the login form again whilst already logged in? The latter is likely to be much easier to implement and solves the user experience problem. – ADyson Jul 30 '21 at 08:51
  • 1
    P.s. if you're using Laravel then https://stackoverflow.com/a/53253184/5947043 probably explains why you get a 419 in this scenario – ADyson Jul 30 '21 at 08:53
  • 1
    Can you please verify that the Cache-Control header on the login page contains "no-store"? – Pieter van den Ham Jul 30 '21 at 09:44
  • I tried all of these answers on my project but didn't work. I guess I am suffering from sessions too. storage/framework/sessions not stored well users data when trying to login again. @ADyson – Doctor starter Aug 03 '21 at 11:11
  • header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); I used something like this @Pete – Doctor starter Aug 03 '21 at 11:22
  • 1
    Hmm, try using "Cache-Control: no-store" and verify in the Chrome Dev Tools (or Firefox' equivalent) that that header is indeed sent correctly. no-store directs the browser to always request the content of a web page again, even when using the back button. – Pieter van den Ham Aug 03 '21 at 12:06
  • I used Chrome and Firefox Dev Tools but the cache looks empty without PHP header. Is it possible that it's caused by something else? @Pete – Doctor starter Aug 03 '21 at 22:39

0 Answers0