c# - Adding user roles in runtime for ASP.NET Core API authorization -
my api using usejwtbearerauthentication , httpcontext.user.isauthenticated has true on value, can use [authorize] on controllers.
but want use role based authentication, [authorize(policy = "testpolicy")]. added desired policies on startup.cs using addauthorization(...) extension.
the requests returning code 403 (unauthorized), because httpcontext.user.identity.roles not populated.
i created middleware populate property, , can roles of user usermanager.getrolesasync(user). have list of user roles, how can add curent httpcontext.user user authorized policies added?
while creating jwt store role in jwt claim, , create permission requirement:
public class permissionhandler : authorizationhandler<permissionrequirement> { protected override task handlerequirementasync(authorizationhandlercontext context, permissionrequirement requirement) { if (context.user.hasclaim(c => c.type == "role" && c.value = requirement.permission)) { system.console.writeline("user has required permission: " + requirement.permission); context.succeed(requirement); return task.completedtask; } system.console.writeline("user forbidden"); return task.completedtask; } } checkout following details:
https://github.com/adnan-kamili/aspnetcore-web-api-rest-starter-kit
Comments
Post a Comment