public IActionResult Detail(int id)
{
if (!httpContextAccessor.HttpContext.User.Identity.IsAuthenticated)
{
return(RedirectToRoute(new
{
controller = "Auth",
action = "Login"
}));
}
var drugModel = drug.GetById(id);
if (drugModel == null || drugModel.PatientId != UserInfoHelper.GetId(httpContextAccessor))
{
return(NotFound());
}
return(View(drugModel));
}