A Visual Studio 2015 project which shows how to implement authentication and role based authorization with ASP.NET identity in the ASP.NET Core MVC application.
The code illustrates the following topics:
- Listings, create, update and delete application roles.
- Listings, create, update and delete application users.
- Assign and update an application role to the application user.
- Login and Logout functionality.
- Role-based authorization.
- Access denied implemented for unauthorized users.
- Remember me for the authenticate user.
- Show username of the authenticated user.
- Custom application user and role classes.
To build and run this sample as-is, you must have Visual Studio 2015 installed. In most cases you can run the application by following these steps:
- Download and extract the .zip file.
- Open the solution file in Visual Studio.
- Change connection string in the appsettings.json file of the web application.
- Run the following command for migration and create database.
- Tools –> NuGet Package Manager –> Package Manager Console
- PM> Add-Migration MyFirstMigration
- PM> Update-Database
- Run the application.
Running the Sample
To run the sample, hit F5 or choose the Debug | Start Debugging menu command. You will see the role list screen. From this screen you have role listing screen as shown in below figure. There are also top menu for the ‘Role’ when clicks on that then same screen opens.
Figure 1: Role listing
Now click on “Add Role” button to add new application role in the application as per following screen.
Figure 2: Add Application Role
As per figure 1, Delete button uses to delete individual application role as per following figure.
Figure 3: Delete Application Role
Now clicks on User menu on the top and shows the application users listing as shown in below figure.
Figure 4: Application User Listing
Now click on “Add User” button to add new application user in the application as per following screen.
Figure 5: Add Application User
As per figure 4, Edit button uses to edit individual application user as per following figure.
Figure 6: Edit Application User
As per figure 4, Delete button uses to delete individual application role as per following figure.
Figure 7: Delete Application User
Now click on Log In menu button on top the right corner and login with following screen.
Figure 8: User Login Screen
Clicks on ‘Log In’ button as role based show following screen.The authenticate user must have 'User' role to access this screen.
Figure 9: Welcome Screen After Authorisation
If authenticate user is not authorised then shown following screen.
Figure 10: UnAuthorised Screen
Source Code Overview
Most of folders play same role as in MVC application but there are following more folder and files.
- wwwroot: It holds static js and css files.
- appsettings.json:It holds database connection string.
- Migrations: It holds database migration files.
- ApplicationUser: Custom identity User Class.
- ApplicationRole: Custome Identity Role Class.