ASP.NET Core 2
Help me to configure AddAuthentication
for two routes: users (user accounts) and admin area.
For example, if user doesn't signed in and trying to enter /Account/Orders/
he'll be redirected to /Account/SignIn/
.
But if someone trying access /Admin/Orders/
must be redireted to /Admin/Signin/
Have not found ay solution ATM.
Authentication is the process of determining a user's identity. Authorization is the process of determining whether a user has access to a resource. In ASP.NET Core, authentication is handled by the authentication service, IAuthenticationService, which is used by authentication middleware.
Authentication is knowing the identity of the user. For example, Alice logs in with her username and password, and the server uses the password to authenticate Alice. Authorization is deciding whether a user is allowed to perform an action. For example, Alice has permission to get a resource but not create a resource.
Solved!
In admin
area (controllers) we using Authorize attr. arg.: [Authorize(AuthenticationSchemes = "backend")]
and that is.
BTW we are able to make any tuning by accessing HttpContext in AddCookie's options and events.
Configuration:
services
.AddAuthentication(o =>
{
o.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, o =>
{
o.LoginPath = new PathString("/account/login/");
})
.AddCookie("backend", o =>
{
o.LoginPath = new PathString("/admin/account/login/");
});
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With