Search code examples
asp.net-coreauthenticationauthorizationrole-based

Role-based authorization with ASP.NET Core 5.0

I can't define my Admin, Company, Agency roles because

services.AddDefaultIdentity<IdentityUser>()
        .AddRoles<IdentityRole>()
        .AddEntityFrameworkStores<ApplicationDbContext>();

is not working or is not defining and it gives me an error

Error   CS1061  'IServiceCollection' does not contain a definition for 'AddDefaultIdentity' and no accessible extension method 'AddDefaultIdentity' accepting a first argument of type 'IServiceCollection' could be found (are you missing a using directive or an assembly reference?)

Here is my ConfigureServices method:

public void ConfigureServices(IServiceCollection services)
{
    services.AddMvc();
    services.AddControllersWithViews();
    services.AddDbContext<TradeTurkDBContext>();
    services.AddDefaultIdentity<IdentityUser>()
            .AddRoles<IdentityRole>()
            .AddEntityFrameworkStores<TradeTurkDBContext>();

    services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
            .AddCookie(x =>
            {
                ...
            });
    services.AddMvc(config =>
        {
            ...
        });
}

And here is my using libraries

using BL.TradeTurk;
using DAL.TradeTurk;
using Entities.TradeTurk;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using System.Security.Claims;

Can anyone tell me which part I am missing?

I looked at that AddRoles part in the Microsoft sources and there is nothing different my code and their source code.

Here is Microsoft source down to the page.

Solution

  • I think The problem was in the order of Authentication and Authorization in the pipeline, Authentication should always be placed before Authorization. Change your middleware order in Configure method like below:-

    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
            if (env.IsDevelopment())
                app.UseDeveloperExceptionPage();
            else
                app.UseExceptionHandler("/Home/Error");

            app.UseStaticFiles();
            app.UseRouting();

            app.UseAuthentication();
            app.UseAuthorization();
                
            app.UseEndpoints(endpoints =>
                {
                    endpoints.MapControllers();
                    endpoints.MapControllerRoute(
                        name: "default",
                        pattern: "{controller=Account}/{action=Login}/{id?}");
                });
}