
How to tell services.AddAuthorization where my custom user and role tables are


I just built my user and role policy tables and a table connecting them together, but how do I tell services.AddAuthorization which policy to look for in which table?

I have read the Microsoft documentation on role-based authorization, but they don't use custom user and role tables. I don't even know how to ask my question; I'm confused.

I mean, how did it know to look for Administrator in this picture?


Solution

  • I just built my user and role policy tables and a table connecting them together, but how do I tell services.AddAuthorization which policy to look for in which table?

    By default, the official Microsoft documentation (on role-based or policy-based authorization) uses ASP.NET Core Identity to manage users and roles.

    From your description, I assume you also use the ASP.NET Identity pages to log in and log out, right? If that is the case, since you are using custom user and role tables, in the Login.cshtml.cs file, after the user logs in successfully, you could query those tables based on the login user's email and get the user's role. Then add the role claim to the current user. After that, you can create a policy based on the claims.

    You can check the following sample code:

    In the Login.cshtml.cs page:

    var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: false);
    if (result.Succeeded)
    {
        // Find the current user.
        var user = await _userManager.FindByEmailAsync(Input.Email);
        // Use the user information to query the custom user/role policy tables.
        // For this sample the role is set directly instead of being loaded from the table.
        var userrole = "User";
        if (user.UserName.Contains("aa"))
        {
            userrole = "Admin";
        }

        // Add the role claim to the current user. AddClaimAsync persists the claim in the
        // Identity user-claims store, then the sign-in is refreshed so the cookie picks it up.
        await _userManager.AddClaimAsync(user, new Claim(ClaimTypes.Role, userrole));
        var claimsPrincipal = await _signInManager.CreateUserPrincipalAsync(user);
        await _signInManager.RefreshSignInAsync(user);

        _logger.LogInformation("User logged in.");
        return LocalRedirect(returnUrl);
    }

    In the ConfigureServices method, create a policy based on the claims.

    services.AddAuthorization(options =>
    {
        options.AddPolicy("RequiredAdmin", policy =>
            policy.RequireClaim(ClaimTypes.Role, "Admin"));
    });
    

    Then, in the Configure method, add the following code:

    app.UseAuthentication();
    app.UseAuthorization();
    

    and apply the policy to the action method:

    [Authorize(Policy = "RequiredAdmin")]
    public IActionResult Privacy()
    {
        return View();
    }

    The result is as below: user aa has the Admin role, and bb has the User role.

    Besides, here are some related articles you can refer to:

    Policy-based authorization in ASP.NET Core

    Policy-Based And Role-Based Authorization In ASP.NET Core 3.0 Using Custom Handler

    Cookie Authentication In ASP.NET Core (if you don't use ASP.NET Core Identity, you can refer to this article to configure the policy).
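The approach in the answer writes the role claim into the Identity user-claims store at every login, so a role later removed from the custom table stays in effect and repeated logins accumulate duplicate claims. As an added example that is not part of the original answer, the following IClaimsTransformation instead reads the custom tables on each request, so authorization always reflects the current table contents; AppDbContext, UserRoleLinks (UserId, RoleId) and RolePolicies (Id, Name) are assumed names for the asker's tables.

```csharp
// Added example: derive role claims from the custom user/role/link tables per request.
// AppDbContext, UserRoleLinks and RolePolicies are assumed names, not from the question.
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.EntityFrameworkCore;

public class TableRoleClaimsTransformation : IClaimsTransformation
{
    private const string Issuer = "CustomRoleTable";
    private readonly AppDbContext _db;

    public TableRoleClaimsTransformation(AppDbContext db) => _db = db;

    public async Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
    {
        // Identity stores the user id in the NameIdentifier claim of the cookie.
        var userId = principal.FindFirst(ClaimTypes.NameIdentifier)?.Value;

        // Skip anonymous users, and do not add the roles twice if the transformation
        // runs more than once in the same request.
        if (string.IsNullOrEmpty(userId) || principal.HasClaim(c => c.Issuer == Issuer))
            return principal;

        // Join the link table to the role table for this user (assumed schema).
        var roleNames = await _db.UserRoleLinks
            .Where(l => l.UserId == userId)
            .Join(_db.RolePolicies, l => l.RoleId, r => r.Id, (l, r) => r.Name)
            .ToListAsync();

        // Add the roles on a clone so the cookie's own claims are never modified
        // or persisted; nothing is written back to AspNetUserClaims.
        var result = principal.Clone();
        var identity = new ClaimsIdentity();
        foreach (var name in roleNames)
            identity.AddClaim(new Claim(ClaimTypes.Role, name, ClaimValueTypes.String, Issuer));
        result.AddIdentity(identity);
        return result;
    }
}

// In ConfigureServices: register the transformation and express the policy as a role
// requirement, which matches ClaimTypes.Role claims from the table lookup above.
//   services.AddScoped<IClaimsTransformation, TableRoleClaimsTransformation>();
//   services.AddAuthorization(options =>
//       options.AddPolicy("RequiredAdmin", policy => policy.RequireRole("Admin")));
```

The [Authorize(Policy = "RequiredAdmin")] attribute from the answer works unchanged with this registration; revoking a row in the link table denies the user on the next request without waiting for the cookie to expire.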