Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Victoria Kabishova2021-01-26 13:22:49
ASP.NET
Victoria Kabishova, 2021-01-26 13:22:49

What do I need to put in the role-based authorization code in ASP.NET Core?

Hello, I am doing a project and I need to make sure that only read-only mode is available to non-authenticated users (search is available, company creation is not available, comments, likes and ratings are not available) and Authenticated users have access to everything except the admin panel. I want to do this with role-based authorization in ASP.NET Core - https://docs.microsoft.com/en-us/aspnet/core/secur... . But I don't know what to write inside.

using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace MyWebSite.Models
{
    [Authorize(Roles = "User")]
    public class UserController : Controller
    {
        // что здесь писать?
    }
}


using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace MyWebSite.Models
{
    [Authorize(Roles = "Administrator")]
    public class AdministratorController : Controller
    {
        // что здесь писать?
    }
}


using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

namespace MyWebSite.Models
{
    [Authorize]
    public class VisitorsController : Controller
    {
        public ActionResult SetTime()
        {
             // что здесь писать?
        }

        [AllowAnonymous]
        public ActionResult Login()
        {
             // что здесь писать?
        }
    }
}

Here's a Git link just in case - https://github.com/Parsifal31017/MyWebSite.git
Thanks in advance.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
V
Vasily Bannikov, 2021-01-26
@Parsifal31017

write your own business logic. You have already "explained" to aspnet that only users with a specific role can access these methods.

Report
V
Vladimir Korotenko, 2021-01-26
@firedragon

Hoch.
https://docs.microsoft.com/ru-ru/aspnet/web-api/ov...
https://identityserver4.readthedocs.io/en/latest/
However, I recommend using AZURE AD, it's fast and not very stressful

Report
B
BasiC2k, 2021-01-26
@BasiC2k

if (!User.IsInRole("User")) { return; }
but in fact, you have here:
[Authorize(Roles = "User")]
there is already a cutoff by role.

Similar questions
R
Romanchitoz2019-03-16 17:11:47
How to make an ASC.NET C# test generator? 1Reply
B
babaevmm2016-10-17 15:12:47
How to make friends mvc and web api in one project? 1Reply
T
termitik2019-03-21 06:01:08
How to use ASP.NET databases? 2Reply
R
Roman Rakzin2020-12-10 20:43:39
How to create a client-server video player connection, so that the video would be broadcast in fragments and it would be impossible to download it? 1Reply
R
Roman Rakzin2016-10-30 22:07:17
How to remove the limit on uploading large files to an ASP.NET MVC server? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question