## WebSecurity.IsCurrentUser() Method
The `WebSecurity.IsCurrentUser()` method is a built-in helper in ASP.NET Web Pages (specifically within the SimpleMembership provider) used to determine if a specified username matches the username of the currently logged-in user.
This method is highly useful for implementing user-specific access controls, personalizing UI elements, and verifying ownership of resources before performing sensitive operations.
---
## Definition
The `IsCurrentUser()` method compares a provided username string against the username of the currently authenticated user session.
---
## Syntax
This method can be used in both C# and VB.NET within your Razor pages.
### C# Syntax
```csharp
WebSecurity.IsCurrentUser(userName)
```
### VB.NET Syntax
```vb
WebSecurity.IsCurrentUser(userName)
```
---
## Parameters
| Parameter | Type | Description |
| :--- | :--- | :--- |
| `userName` | String | The username you want to compare against the currently logged-in user. |
---
## Return Value
| Return Type | Description |
| :--- | :--- |
| **Boolean** | Returns `true` if the specified `userName` matches the username of the currently logged-in user; otherwise, returns `false`. |
---
## Code Examples
### Example 1: Conditional UI Rendering (Razor C#)
This example demonstrates how to use `IsCurrentUser()` to conditionally display an "Edit Profile" button only if the profile page being viewed belongs to the currently logged-in user.
```cshtml
@{
// Retrieve the username from the query string (e.g., Profile.cshtml?user=john_doe)
var profileOwner = Request;
// Check if the logged-in user is viewing their own profile
bool isOwnProfile = WebSecurity.IsCurrentUser(profileOwner);
}
User Profile
Profile of @profileOwner
@if (isOwnProfile) {
Welcome to your dashboard!
} else {
You are viewing @profileOwner's public profile.
}
```
---
## Errors and Exceptions
Any call to the `WebSecurity` object, including `IsCurrentUser()`, will throw an **InvalidOperationException** under the following conditions:
* **The database connection is not initialized:** The `WebSecurity.InitializeDatabaseConnection()` method has not been called (typically configured in `_AppStart.cshtml`).
* **SimpleMembership is not initialized:** The SimpleMembership system is either not initialized or has been explicitly disabled in the website configuration (`web.config`).
---
## Technical Data
| Property | Value |
| :--- | :--- |
| **Namespace** | `WebMatrix.WebData` |
| **Assembly** | `WebMatrix.WebData.dll` |
---
## See Also
* (webpages-ref-websecurity.html)
* [WebSecurity.CurrentUserName Property](met-websecurity-currentusername.html)
* [WebSecurity.IsAuthenticated Property](met-websecurity-isauthenticated.html)