asp.net-roles

How do I make and use JWT role based authentication?

十年热恋 提交于 2021-02-08 09:58:01
问题 I follow the tutorial link below. https://fullstackmark.com/post/13/jwt-authentication-with-aspnet-core-2-web-api-angular-5-net-core-identity-and-facebook-login I am trying to understand how it works and I want to use role-based authentication using this token. so I made another policy in the Startup.cs file as below. And I tried to use it like [Authorize(Policy = "admin")] or [Authorize(Policy = "ApiUser")] in the controller but every time I try I get unauthenticated using postman . What am

How do I make and use JWT role based authentication?

帅比萌擦擦* 提交于 2021-02-08 09:57:29
问题 I follow the tutorial link below. https://fullstackmark.com/post/13/jwt-authentication-with-aspnet-core-2-web-api-angular-5-net-core-identity-and-facebook-login I am trying to understand how it works and I want to use role-based authentication using this token. so I made another policy in the Startup.cs file as below. And I tried to use it like [Authorize(Policy = "admin")] or [Authorize(Policy = "ApiUser")] in the controller but every time I try I get unauthenticated using postman . What am

Policy-based authorization vs authorize with role in .Net Core

余生长醉 提交于 2020-04-30 06:47:45
问题 What is the difference between using policy-based authorization and authorize with role, or there is no difference? [Authorize(Policy = "RequiredAdminRole")] and [Authorize(Roles = "Admin")] 回答1: For Role-based authorization , Roles are exposed to the developer through the IsInRole method on the ClaimsPrincipal class. In my opinion,there is no difference if you mean the Policy is configured as services.AddAuthorization(options => options.AddPolicy("RequiredAdminRole", policy => policy

How do I prevent duplicate membership users when using multiple roleproviders with different application names?

﹥>﹥吖頭↗ 提交于 2020-01-24 22:33:26
问题 I have a single membership provider which is using the '/' default application name. I then have multiple applications which share this common membership provider configuration. Each application has it's own role provider configuration, they all share the same database as the membership provider but use a different application name to isolate their roles from each other. When I create a member then a single user record is created and hence shared across all the applications. I then create

MVC 5 - Roles - AuthorizeAttribute outdated

放肆的年华 提交于 2019-12-24 21:25:23
问题 In my previous post i asked how to check/add user roles, but now i face another problem. Since microsoft moved to the new Identity 2.0, AuthorizeAttribute doesn't work anymore. Is there any substitute filter for the Authorize? EDIT: I've made some tests and [Authorize(Users = "SOME_ID")] works, but not [Authorize(Roles = "Admin")]. And i verified if the user was really in that role (Admin) 回答1: Actually [Authorize(Roles = "ROLENAME")] working fine. Check your userRoles (or AspNetUserRoles)

Inheritance of Authorized Roles in controller classes

蹲街弑〆低调 提交于 2019-12-22 11:33:04
问题 I've created controller classes to assist with Role authorization. I have a base class ControllersAuthorities , which is the highest level of authority. I have created the other classes to extend each base class. [Authorize(Roles = "Owner")] public abstract class ControllerAuthorities:Controller { } [Authorize(Roles = "Admin")] public abstract class AdminController:ControllerAuthorities { } [Authorize(Roles = "Employee")] public abstract class EmployeeController:AdminController { } [Authorize

Trying to get all roles in Identity

筅森魡賤 提交于 2019-12-22 04:01:30
问题 I am trying to get a list of all the roles in my application. I have looked at the following post Getting All Users... and other sources. Here is my code which I think is what I am supposed to do. var roleStore = new RoleStore<IdentityRole>(context) var roleMngr = new RoleManager<IdentityRole>(roleStore); List<string> roles = roleMngr.Roles.ToList(); However, I’m getting the following error: Cannot implicitly convert type GenericList(IdentityRole) to List(string) . Any suggestions? I am

Attribute inheriting from AuthorizeAttribute not working

帅比萌擦擦* 提交于 2019-12-21 17:56:46
问题 I'm currently trying to implement security in a new ASP MVC 5 application, based on user roles. The goal is to prevent users from accessing certain controllers or controller methods if they don't have a certain role (or higher). Based on what I've read on the question so far, I created an attribute that inherits AuthorizeAttribute which looks like this (MyAppRole is an enum, btw) : [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)]

Get Role name in IdentityUserRole 2.0 in ASP.NET

情到浓时终转凉″ 提交于 2019-12-19 12:54:23
问题 Before the update of the dll's in the Entity Framework i was able to do this user.Roles.Where(r => r.Role.Name == "Admin").FisrtOrDefault(); Now, i can only do r.RoleId, and i can't find a way to retreive the name of thar Role Id. I'm using this in my controllers and in my AuthorizeAttribute class. Can someone help me here? Regards 回答1: Ask the RoleMananger? RoleManager.Roles. // or RoleManager.FindByIdAsync() // or RoleManager.FindByNameAsync() You may want to take some time and learn the

Asp.net MVC Let user switch between roles

心已入冬 提交于 2019-12-19 10:19:33
问题 I'm developing a complex website with users having multiple roles. The users are also coupled on other items in the DB which, together with their roles, will define what they can see and do on the website. Now, some users have more than 1 role, but the website can only handle 1 role at a time because of the complex structure. the idea is that a user logs in and has a dropdown in the corner of the website where he can select one of his roles. if he has only 1 role there is no dropdown. Now I