Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Victoria Kabishova2021-01-26 13:22:49
ASP.NET
Victoria Kabishova, 2021-01-26 13:22:49

What do I need to put in the role-based authorization code in ASP.NET Core?

Hello, I am doing a project and I need to make sure that only read-only mode is available to non-authenticated users (search is available, company creation is not available, comments, likes and ratings are not available) and Authenticated users have access to everything except the admin panel. I want to do this with role-based authorization in ASP.NET Core - https://docs.microsoft.com/en-us/aspnet/core/secur... . But I don't know what to write inside.

using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace MyWebSite.Models
{
    [Authorize(Roles = "User")]
    public class UserController : Controller
    {
        // что здесь писать?
    }
}


using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace MyWebSite.Models
{
    [Authorize(Roles = "Administrator")]
    public class AdministratorController : Controller
    {
        // что здесь писать?
    }
}


using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

namespace MyWebSite.Models
{
    [Authorize]
    public class VisitorsController : Controller
    {
        public ActionResult SetTime()
        {
             // что здесь писать?
        }

        [AllowAnonymous]
        public ActionResult Login()
        {
             // что здесь писать?
        }
    }
}

Here's a Git link just in case - https://github.com/Parsifal31017/MyWebSite.git
Thanks in advance.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
V
Vasily Bannikov, 2021-01-26
@Parsifal31017

write your own business logic. You have already "explained" to aspnet that only users with a specific role can access these methods.

Report
V
Vladimir Korotenko, 2021-01-26
@firedragon

Hoch.
https://docs.microsoft.com/ru-ru/aspnet/web-api/ov...
https://identityserver4.readthedocs.io/en/latest/
However, I recommend using AZURE AD, it's fast and not very stressful

Report
B
BasiC2k, 2021-01-26
@BasiC2k

if (!User.IsInRole("User")) { return; }
but in fact, you have here:
[Authorize(Roles = "User")]
there is already a cutoff by role.

Similar questions
C
c4ptain_h3mp2020-01-23 12:16:13
How to solve the problem: Response does not return .docx for download to the user's browser? 0Reply
L
Laziz Ergashev2017-08-28 10:31:54
NopCommerce How to add courier delivery with shipping costs? 0Reply
D
Dudki2017-09-05 09:25:50
Am I reading the OnModelCreating(...) function statement correctly? 1Reply
N
Nikolai Kuzyk2017-09-06 15:42:03
ASP.NET MVC Learning Order? 1Reply
T
ThiefOfMists2017-09-13 15:34:24
ASP.NET MVC IIS server auto warmup? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question