I have the following controller auto-generated by asp.net
//
// POST: /Account/LogOff
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult LogOff()
{
AuthenticationManager.SignOut();
return RedirectToAction("Index", "Home");
}
Now I have a log off button. Currently it looks like this:
<div class="userdrop">
<ul>
<li><a href="@Url.Action("Manage", "Account")">Profile</a></li>
<li><a href="@Url.Action("LogOff", "Account")">Logout</a></li>
</ul>
</div><!--userdrop-->
But it does not work and I am guessing it is cause it is a Post action method.
How would I go about "logging off" ?
[EDIT]
Why is it auto-generated as an Http Post? Is it more secure that way? Does it not send the cookie with it when it logs out?
How would I go about "logging off" ?
By using a form instead of an anchor:
<li>
@using (Html.BeginForm("LogOff", "Account"))
{
@Html.AntiForgeryToken()
<button type="submit">Logout</button>
}
</li>
You could call the CSS wizards to style this button look like an anchor if you want. But the semantically correct element in this case is an html form which allows you to send a POST verb.