Checking login user role in razor page

by 

@if (Request.IsAuthenticated && User.Identity.Name=="administrator")
{
     <div id="sidebar">
        <div class="module">
        <ul class="menu">
                            <li>@Html.ActionLink("Home", "Index", "Home")</li>
                            <li>@Html.ActionLink("About", "About", "Home")</li>
                            <li>@Html.ActionLink("Contact", "Contact", "Home")</li>
                        </ul>
         </div>
         <div class="mainContent">
             Hello, @User.Identity.Name !
         </div>
     </div>

This is my layout if the user is authenticated as administrator but this sort of check looks no good, I need to check the role of the user not his name.

Here is the controler method 

    public ActionResult AuthenticatedUserLayout(string username) 
    {
        var lst=userContext.UserProfiles.ToList();
        var user = lst.Select(u => u.UserName == username);

        if(IsAdmin(Session["LoginUser"].ToString())) return View(user); else return Index();
    }

I also find that return View(user) is no good, because I don’t know how to make any use of that user.

Contents hide
Answers:
Method 1
Method 2
Method 3

Answers:

Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

@if (Request.IsAuthenticated && User.IsInRole("Administrators"))
{
     <div id="sidebar">
        <div class="module">
           <ul class="menu">
              <li>@Html.ActionLink("Home", "Index", "Home")</li>
              <li>@Html.ActionLink("About", "About", "Home")</li>
              <li>@Html.ActionLink("Contact", "Contact", "Home")</li>
            </ul>
         </div>
         <div class="mainContent">
             Hello, @User.Identity.Name !
         </div>
     </div>
}

Method 2

For ASP.NET Core Razor Pages

if (User.Identity.IsAuthenticated && User.IsInRole("Administrator"))

Method 3

Dave’s answer is correct. I would suggest that you consider using a property on your model called IsAdministrator or CanSeeSidebar and treat answering that question as domain logic.

The view should work only with the model. Looking at the thread, reading from a database, are the same in respect that they answer domain questions. All those types of questions should be answered before your controller hands the model off to the view.


All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x