0

Whenever the user clicks logout from my website's page I log him out on server (destroy session and autologin token). Should I refresh the page or I can just update header part where the user name is displayed?

Max Koretskyi
  • 101,079
  • 60
  • 333
  • 488
  • Can you add any more detail as to what you are trying to achieve? Thanks. – SilverlightFox Feb 06 '14 at 17:19
  • I'm not trying to do anything :). I simply want to know if I shoud refresh the page after I log out a user. I know how to do that. – Max Koretskyi Feb 06 '14 at 19:08
  • Well it very much depends on your site. Eg. Is there any user specific sensitive data displayed? I was just asking for a bit of background detail in order to help you. – SilverlightFox Feb 06 '14 at 20:03
  • @SilverlightFox, no, there is no sensitive data displayed. If the user being logged out is currently watching a page specific to user data, I'll redirect him. However if the is on the page that has no user information, I don't see a reason to refresh a page. And I have the same question for logging in - should I refresh the page? I'm asking this because I see many websites do that. – Max Koretskyi Feb 08 '14 at 19:44

2 Answers2

1

You can just update the part that displays the current logged in username. Any links then followed will be then accessed in the logged out state since the cookie will now be cleared (assuming authentication is done via cookies).

SilverlightFox
  • 32,436
  • 11
  • 76
  • 145
0

Well, since we are talking about web... JavaScript, jQuery and AJAX might be the answer to your question. Just send the logout request through AJAX, validate the answer and then with jQuery or JavaScript remove/hide the header part.

Jhuliano Moreno
  • 929
  • 8
  • 23