Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

ASP.NET Core 3.1 + Angular 9 role based authentication

Tags:

asp.net

angular

identity

I have created a web application with ASP.NET Core 3.1 and angular with the Visual Studio Template and enabled Authentication. enter image description here
Then I scaffolded the Identity and added this to the Startup.cs:

services.AddDefaultIdentity<ApplicationUser>(options => 
options.SignIn.RequireConfirmedAccount = true)
.AddRoles<IdentityRole>().AddEntityFrameworkStores<ApplicationDbContext>();

services.AddIdentityServer().AddApiAuthorization<ApplicationUser, ApplicationDbContext>();

services.AddAuthentication().AddIdentityServerJwt();

After that I have created 3 users and assigned them different roles. When I add the Attribute [Authorize] to any controller action it works correctly. But how can I make it role based? I have tried [Authorize(Roles = "Administrator")] But it denied the access. On an unprotected method:

 var loggedinUser = await _userManager.FindByNameAsync(userid);
 var roles = await _userManager.GetRolesAsync(loggedinUser);

the roles list has the Administrator on it, so I do not know what I am missing to make it work. Also inside an Angular component, how can I get the role of the current logged in user?

like image 513
Momo Avatar asked Jun 18 '20 22:06

Momo

Video Answer

1 Answers

You can extend the implementation of default ProfileService of IdentityServer to include role claim like following way.

public class ExtendedProfileService : ProfileService<ApplicationUser>
{
    public ExtendedProfileService(UserManager<ApplicationUser> userManager, IUserClaimsPrincipalFactory<ApplicationUser> claimsFactory) : base(userManager, claimsFactory)
    {

    }

    public override async Task GetProfileDataAsync(ProfileDataRequestContext context)
    {
        await base.GetProfileDataAsync(context);
        var user = await UserManager.GetUserAsync(context.Subject);
        var roles = await UserManager.GetRolesAsync(user);
        var claims = new List<Claim>();

        foreach (var role in roles)
        {
            claims.Add(new Claim("role", role));
        }
        context.IssuedClaims.AddRange(claims);
    }
}

And don't forget to register your extended profile service to dependency container

services.AddTransient<IProfileService, ExtendedProfileService>();
like image 113
Sithira Pathirana Avatar answered Oct 17 '22 22:10

Sithira Pathirana
Sign in to Comment

Related questions

"Visual Basic 10.0 does not support readonly auto-implemented properties" error in Visual Studio 2015
.NET printing on server side from asp.net
Web.Config might be “unreadable”
WsFederation authentication in Service Fabric Owin Pipeline not working
Unable to upload large video file
Breakpoints not hit when debug website project after update to VS 2015 Update 3
AutoComplete Extender - Scroll bar causes results to close?
Handle cross site scripting flaw raised by veracode
Order of messages in SingalR - how to ensure it
How to execute a stored procedure and forget about it using C# and Entity Framework?
ASP.NET Web API site virtual directory is accessible, but controller actions return HTTP 503
get UTC DateTime from query string
Access windows Authenticated Web API through Angular 2 without login prompt
References and external class use problems
SignalR with paging using Groups
how to load xml node into html textboxfor
Why doesn't an AsyncLocal flow from OWIN middleware to a WebForms page?
JWT How to add custom claims and decode claims
Remote Debugging ASP.NET VSCode
ASP.NET session is overwritten

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!