Asp.net mvc 无法使用表单身份验证从网站完全注销

我正在使用表单身份验证对我的网站中的请求进行身份验证和授权

以下是登录代码：

var objLogin = new LoginModel { Email = model.Email, Password = CommonMethod.Encryptdata(model.Password) };
var UserDetail = Users.LoginUser(objLogin); 
if (UserDetail.ErrorMessage == "SuccessLogin")
{
    var UserData = UserDetail.UserId + "," + UserDetail.UserRole + "," + UserDetail.Email + "," + UserDetail.FirstName + "," + UserDetail.LastName;
    DateTime expirydate = DateTime.Now.AddDays(10);
    var Ticket = new FormsAuthenticationTicket(1, UserDetail.Email, DateTime.Now, expirydate, true, UserData, FormsAuthentication.FormsCookieName);
    string hashCookies = FormsAuthentication.Encrypt(Ticket);
    var Cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hashCookies);
    Response.Cookies.Add(Cookie);
    ViewBag.InActiveStatus = "";

    //Code for expiration
    if (Ticket.IsPersistent)
    {
        Cookie.Expires = Ticket.Expiration;
    }

    if (!string.IsNullOrEmpty(returnUrl))
    return Redirect(returnUrl);
}

我正在使用持久cookie

用于注销网站的方法包含以下代码：

FormsAuthentication.SignOut();

Session.Abandon();
Session.Clear();
Session.RemoveAll();

string[] myCookies = Request.Cookies.AllKeys;

foreach (string cookie in myCookies)
{
    Response.Cookies[cookie].Expires = DateTime.Now.AddYears(-1);
}

return RedirectToAction("Login", "Account");

我面临的问题是，在注销后，我可以在家用控制器上冲浪 页。我已经在所有主控制器方法上实现了AuthorizeRoles=user

[Authorize(Roles = "user")]
public ActionResult Index()

但是我不能在家以外的其他控制器上浏览网页 在质询控制器中，使用以下方法：

[Authorize(Roles = "user")]
public ActionResult MyChallenges()

当我强制清理浏览器cookies时，问题就解决了。但从用户体验的角度来看，这不推荐给普通用户

---

请告诉我为什么会这样？提前谢谢

各位专家您好

我还在等我的答案

谢谢 伊玛斯图