Using Claims to Replace Sessions


I am refactoring an application that I am developing, applying good ASP.NET MVC practices to it, but I am having difficulty understanding Claims and how to apply them to replace Session usage. When I log in to the application I save some information in the session, as in the code below:

    //
    // POST: /Account/Login
    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
    {
        if (!ModelState.IsValid)
        {
            return View(model);
        }

        // This doesn't count login failures towards account lockout
        // To enable password failures to trigger account lockout, change to shouldLockout: true
        model.Email = model.UserName;
        var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
        switch (result)
        {
            case SignInStatus.Success:
                var user = await UserManager.FindAsync(model.UserName, model.Password);
                Session["UserId"] = user.Id;
                Session["PerfilUsuario"] = user.PerfilUsuario;
                switch (Session["PerfilUsuario"].ToString())
                {
                    case "1": // Administrator
                        Session["SetorVisivel"] = true;
                        Session["ObraVisivel"] = true;
                        Session["TipoChamadoVisivel"] = true;
                        Session["SelecionarResponsavelAbertura"] = true;
                        break;
                    case "2": //SuperiorBRA
                        Session["SetorVisivel"] = false;
                        Session["ObraVisivel"] = true;
                        Session["TipoChamadoVisivel"] = false;
                        Session["SelecionarResponsavelAbertura"] = false;
                        break;
                    case "3": // Technician
                        Session["SetorVisivel"] = true;
                        Session["ObraVisivel"] = false;
                        Session["TipoChamadoVisivel"] = true;
                        Session["SelecionarResponsavelAbertura"] = true;
                        break;
                    case "4": // User
                        Session["SetorVisivel"] = true;
                        Session["ObraVisivel"] = false;
                        Session["TipoChamadoVisivel"] = false;
                        Session["SelecionarResponsavelAbertura"] = false;
                        break;
                    case "5": // Manager
                        Session["SetorVisivel"] = true;
                        Session["ObraVisivel"] = false;
                        Session["TipoChamadoVisivel"] = true;
                        Session["SelecionarResponsavelAbertura"] = true;
                        break;
                    case "6": // Works (Obra) administrator
                        Session["SetorVisivel"] = true;
                        Session["ObraVisivel"] = false;
                        Session["TipoChamadoVisivel"] = true;
                        Session["SelecionarResponsavelAbertura"] = true;
                        break;
                    default:
                        Session["SetorVisivel"] = true;
                        Session["ObraVisivel"] = false;
                        Session["TipoChamadoVisivel"] = true;
                        break;
                }                    
                if (user.PerfilUsuario == 1 || user.PerfilUsuario == 6)
                {
                    return RedirectToAction("Index", "Home");
                }
                else
                {
                    return RedirectToAction("Index", "Chamado");
                }
            case SignInStatus.LockedOut:
                return View("Lockout");
            case SignInStatus.RequiresVerification:
                return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
            case SignInStatus.Failure:
            default:
                ModelState.AddModelError("", "Invalid login attempt.");
                return View(model);
        }
    }

I would like to remove the use of the session and use Claims instead. I believe I still have gaps in my understanding of Claims, so I cannot see how to make the replacement. I would be very grateful to anyone who can help.

asked by anonymous 16.09.2015 / 20:14
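
One way to do what the question asks, as an added example that is not part of the original post: it assumes the default ASP.NET Identity 2 (MVC 5) project template, where `ApplicationSignInManager` builds the cookie identity through `ApplicationUser.GenerateUserIdentityAsync`; the `ProfileClaims` class and the claim type name are hypothetical. Only the profile is stored as a claim and the four flags are derived from it on each request; an unknown profile gets `SelecionarResponsavelAbertura = false`, which the question's `default` branch leaves unset.

```csharp
using System.Security.Claims;
using System.Security.Principal;
using System.Threading.Tasks;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.EntityFramework;

public class ApplicationUser : IdentityUser
{
    public int PerfilUsuario { get; set; }

    // In the default template this runs when PasswordSignInAsync succeeds,
    // so the claim is written into the authentication cookie at sign-in.
    public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<ApplicationUser> manager)
    {
        var identity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);
        // The user id is already present as the NameIdentifier claim; add only the profile.
        identity.AddClaim(new Claim(ProfileClaims.PerfilType, PerfilUsuario.ToString()));
        return identity;
    }
}

public static class ProfileClaims
{
    public const string PerfilType = "PerfilUsuario"; // hypothetical claim type name

    // Returns 0 (treated as an unknown profile) when the claim is missing or malformed.
    public static int Perfil(this IPrincipal user)
    {
        var identity = user.Identity as ClaimsIdentity;
        var claim = identity == null ? null : identity.FindFirst(PerfilType);
        int perfil;
        return claim != null && int.TryParse(claim.Value, out perfil) ? perfil : 0;
    }

    // Same truth table as the switch in the question, computed instead of stored.
    public static bool SetorVisivel(this IPrincipal user)
    {
        return user.Perfil() != 2;
    }
    public static bool ObraVisivel(this IPrincipal user)
    {
        var p = user.Perfil(); return p == 1 || p == 2;
    }
    public static bool TipoChamadoVisivel(this IPrincipal user)
    {
        var p = user.Perfil(); return p != 2 && p != 4;
    }
    public static bool SelecionarResponsavelAbertura(this IPrincipal user)
    {
        var p = user.Perfil(); return p == 1 || p == 3 || p == 5 || p == 6;
    }
}
```

In controllers and views, `User.Identity.GetUserId()` then replaces `Session["UserId"]` and `User.SetorVisivel()` replaces `Session["SetorVisivel"]`. The claim is a snapshot taken at sign-in, so a profile change applies only once the identity is regenerated, and these flags control display only: each action still has to check the profile on the server.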

0 answers