I'm developing my first application in Asp.NET MVC and now creating the restriction and authorization part of users. I would like to do this so that the menus in my application would only be accessible to certain users.
For example:
@if ("administrador")
{
<li>@Html.ActionLink("Agenda", "Index", "Agenda")</li>
<li>@Html.ActionLink("Criar", "Create", "Agenda")</li>
}
That is, in my layout identify which type of user can see that menu. So my questions are:
Cookie
, nor Session
in my application, is it via Windows Authentication? I get user authentication through a class
public static class UserDetails
{
public static string GetMatricula(string userName)
{
string matricula = userName.Substring(userName.IndexOf(@"\") + 1);
return matricula;
}
}
And in the controller I have
public ActionResult Index()
{
var matricula = UserDetails.GetMatricula(User.Identity.Name);
var usuario = db.Usuarios.FirstOrDefault(x => x.Matricula == matricula);
}
The enrollment field is the same as the user's log on Windows . This way as soon as the user signs in to the application, he automatically opens with his name and enrollment