I managed to work Hangfire on my ASP.NET Core MVC application, and now I am trying to add admin authorization.
I added the following code to the Startup.cs file:
app.UseHangfireDashboard("/hangfire", new DashboardOptions
{
Authorization = new[] {new SecurityHelpers.AdminAuthorization.HangFireAuthorizationFilter() }
});
app.UseHangfireServer();
RecurringJob.AddOrUpdate( () => Debug.WriteLine("Minutely Job"), Cron.Minutely);
Now I have a problem with custom authorization filter:
public class HangFireAuthorizationFilter : IDashboardAuthorizationFilter
{
public bool Authorize(DashboardContext context)
{
return true;
}
}
There are samples for old configuration with IAutohorizationFilter, and form version 1.6.8 there is a new interface IDashboardAuthorizationFilter, and I can't figure out how to implement it.
My web application uses claims.
thnx
After performing these steps, open your browser and hit the http://<your-app>/hangfire URL to see the Dashboard. By default Hangfire allows access to Dashboard pages only for local requests. In order to give appropriate rights for production use, please see the Configuring Authorization section.
Hangfire is an open-source and well-documented task scheduler for ASP.NET and ASP.NET Core. It's multi-threaded, easily scalable, and offers a variety of job types. It's well structured, simple to use, and gives a powerful performance.
An easy way to perform background processing in .NET and .NET Core applications. No Windows Service or separate process required. Backed by persistent storage. Open and free for commercial use.
To add custom basic authentication in hangfire for asp.net core
Use Hangfire.Dashboard.Basic.Authentication nuget package.
Install using the command
Install-Package Hangfire.Dashboard.Basic.Authentication
Reference
In startup configure method add the following
app.UseHangfireDashboard("/hangfire", new DashboardOptions
{
//AppPath = "" //The path for the Back To Site link. Set to null in order to hide the Back To Site link.
DashboardTitle = "My Website",
Authorization = new[]
{
new HangfireCustomBasicAuthenticationFilter{
User = _configuration.GetSection("HangfireSettings:UserName").Value,
Pass = _configuration.GetSection("HangfireSettings:Password").Value
}
}
});
Add the following in the appsettings.json (Use your username and password)
"HangfireSettings": {
"UserName": "admin",
"Password": "password"
}
Here's my implementation for .NET Core:
public class HangfireAuthorizationFilter : IDashboardAuthorizationFilter {
private string policyName;
public HangfireAuthorizationFilter(string policyName) {
this.policyName = policyName;
}
public bool Authorize([NotNull] DashboardContext context) {
var httpContext = context.GetHttpContext();
var authService = httpContext.RequestServices.GetRequiredService<IAuthorizationService>();
return authService.AuthorizeAsync(httpContext.User, this.policyName).ConfigureAwait(false).GetAwaiter().GetResult().Succeeded;
}
}
Set it up in the Startup
Configure
with:
app.UseHangfireDashboard(
pathMatch: "/hangfire",
options: new DashboardOptions() {
Authorization = new IDashboardAuthorizationFilter[] {
new HangfireAuthorizationFilter("somePolicy")
}
});
Make sure that the policy you've chosen (eg. "somePolicy") is set up previously in Startup
ConfigureServices
. For example:
services.Configure<AuthorizationOptions>(options => {
options.AddPolicy("somePolicy", policy => {
// require the user to be authenticated
policy.RequireAuthenticatedUser();
// Maybe require a claim here, if you need that.
//policy.RequireClaim(ClaimTypes.Role, "some role claim");
});
});
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With