When I click on logout I am taken to util/logout.aspx however when I navigate back to the main page of our website I am still logged in and can access the CMS backend.
From what I can tell the cookie .AspNet.ApplicationCookie is not being deleted.
In our PageControllerBase.cs we have:
public ActionResult Logout()
{
UISignInManager.Service.SignOut();
return RedirectToAction("Index");
}Which when I compare it to the Alloy EpiServer demo appears to be identitical.
Where else do I need to look to check what could be the issue?
In case it is also relevant, we are using a custom login page:
namespace Project.Site.Controllers
{
public class CustomLoginController : Controller
{
private UISignInManager uiSignInManager = ServiceLocator.Current.GetInstance<UISignInManager>();
private UIUserProvider uiUserProvider = ServiceLocator.Current.GetInstance<UIUserProvider>();
public ActionResult Index()
{
return View(Global.CustomLoginView);
}
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
[ValidateInput(false)]
public ActionResult LocalLogin(CustomLoginViewModel model)
{
if (ModelState.IsValid)
{
bool result = uiSignInManager.SignIn(uiUserProvider.Name, model.Username, model.Password);
if (result)
{
return Redirect(UrlResolver.Current.GetUrl(ContentReference.StartPage));
}
}
ModelState.AddModelError("LoginError", "Login failed");
return View(Global.CustomLoginView, model);
}
}
}