I've implemented role based auth several times pre 2.1. Followed the steps to scaffold the new 2.1 identities.
I extended the IdentityUser model to add additional fields, login works fine, new fields are present.
startup.cs configure services contains
services.AddDefaultIdentity<AppUser>()
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>();
I seeded the roles
IdentityRole role = new IdentityRole();
role.Name = "Administrator";
IdentityResult roleResult = roleManager.
CreateAsync(role).Result;
Then created a user and added to the role
AppUser user = new AppUser();
user.UserName = "Admin";
user.Email = "admin@admin.com";
user.Name = "Administrator";
user.LockoutEnabled = false;
user.EmailConfirmed = true;
IdentityResult result = userManager.CreateAsync(user, "password").Result;
if (result.Succeeded)
{
userManager.AddToRoleAsync(user, "Administrator").Wait();
}
Everything succeeded, and the database looks fine (AspNetUserRoles has links)
However, decorating a controller with a role will always return not authorized
[Authorize(Roles = "Administrator")]
But, a simple login check with [Authorize]
(no role) will work.
How might I fix this/what is the easiest way to incorporate the source code so I can step through/debug the [Authorize]
tags?
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…