How to handle the back button after logout in webpages

Question

i am developing 2 webpages login, home.Once i login with valid credentials, going to home page and able to see the profile information.And when i click on logout i am coming to Login screen.But when i click on back button, again it's going to home screen.So please tell me how to handle this scenario or how to disable the back button of browser when we logout. My source lode looks like below.

def checkLogin(request):
  login = LoginForm(request.POST)
  usr = UserForm()
  try:
    user = User.objects.get(username=request.data['username'])
  except User.DoesNotExist:
    user = None  
  if user:
    if user.password == request.data['password']:
        request.session['is_logged_in']=True
        request.session['username']=user.username
        res = get_tokens_for_user(user)
        print('token is',res)
        request.session['token']= res['access']
        updateMemberWithToken(user.username,res['access'])
        updateMemberWithLogeedAt(user.username,res['access'])
        context = {'form':usr,'user':user}
        return render(request,'home.html',context)
    messages.success(request, 'Username and Password are not matched')
    return render(request,'login.html',{'form':login})   
messages.success(request,'User is not available')
return render(request,'login.html',{'form':login})

And logout button source is

function logout(){
        var xhr = new XMLHttpRequest();
        xhr.onreadystatechange = function() {
        if (this.readyState == 4 && this.status == 200) {
        // Here we go on the new page
        document.write(xhr.responseText);
        }
    };
        xhr.open("POST","/site/logout/");
        xhr.setRequestHeader('Authorization','Bearer dfdfdfgdfgdfgdfdfgd' ); 
        xhr.send({'username':user.username});
        return false;
    }

And logout function in views.py is

@cache_control(no_cache=True,must_revalidate=True)
@protected_resource()    
@api_view(['POST'])
def logout(request):
  request.session.flush()
  login = LoginForm()
  updateMemberWithToken(request.data['username'],'')
  response = HttpResponseRedirect('/')
  for cookie in request.COOKIES:
     print(cookie)
     response.delete_cookie(cookie)
  django.logout(request)    
  return response