How can I check if the logged in user is admin by his id?

Question

How can I check if the logged in user is admin by his id?

Navigation

#1 by (0 votes)

1

I am working on my first login in this language, which when entering the correct credentials (user and password) will direct you to a specific page depending on whether you are a common user or administrator according to the assigned idRole, as shown.

    DataTable dt = new DataTable();
    sqlDa.Fill(dt);
    if (dt.Rows.Count > 0)
    {
        Session["username"] = txtUserName.Text.Trim();
        if (dt.Rows[0]["IdRole"].ToString() == "2")
            Response.Redirect("user/Default.aspx");
        else if
            (dt.Rows[0]["IdRole"].ToString() == "1")
            Response.Redirect("admin/Default.aspx");

    }
    else
    {
     lblErrorMessage.Visible = true; 
    }

In the pages you are directed to, you have a condition that prevents you from entering them unless there is a current session.

The problem is that if a logged-in user simply changes the address of this; user / Default.aspx to this; This already has access to its controls. What methods can I use to solve these problems?

asp.net

asked by KJSK 01.01.2019 в 00:11

source

1 answer

How can I delete a document in firebase if it has an automatic key? The char '0x0' after '' is not valid XML character

score 0 · Answer 1

to avoid that when you change the URL in the controllers you can use the attribute

[Authorize(Role="admin")]  todos los admin
[Authorize]  todos los user logueados

if you use Asp.Net Identity you can check the User.IsInRole ("RoleName") role