TRUNGTQ

Think Big, Act Small, Fail Fast and Learn Rapidly

NAVIGATION - SEARCH

ASP.NET Core MVC: Authentication and Role Based Authorisation with Identity

Introduction

A Visual Studio 2015 project which shows how to implement authentication and role based authorization with ASP.NET identity in the ASP.NET Core MVC application.

The code illustrates the following topics:

  1. Listings, create, update and delete application roles.
  2. Listings, create, update and delete application users.
  3. Assign and update an application role to the application user.
  4. Login and Logout functionality.
  5. Role-based authorization.
  6. Access denied implemented for unauthorized users.
  7. Remember me for the authenticate user.
  8. Show username of the authenticated user.
  9. Custom application user and role classes.

Getting Started

To build and run this sample as-is, you must have Visual Studio 2015 installed. In most cases you can run the application by following these steps:

  1. Download and extract the .zip file.
  2. Open the solution file in Visual Studio.
  3. Change connection string in the appsettings.json file of the web application.
  4. Run the following command for migration and create database.
    • Tools –> NuGet Package Manager –> Package Manager Console
    • PM> Add-Migration MyFirstMigration
    • PM> Update-Database
  5. Run the application.

Running the Sample

To run the sample, hit F5 or choose the Debug | Start Debugging menu command. You will see the role list screen. From this screen you have role listing screen as shown in below figure. There are also top menu for the ‘Role’ when clicks on that then same screen opens.

Figure 1: Role listing

Now click on “Add Role” button to add new application role in the application as per following screen.

Figure 2: Add Application Role

As per figure 1, Delete button uses to delete individual application role as per following figure.

Figure 3: Delete Application Role

Now clicks on User menu on the top and shows the application users listing as shown in below figure.

Figure 4: Application User Listing

Now click on “Add User” button to add new application user in the application as per following screen.

Figure 5: Add Application User

As per figure 4, Edit button uses to edit individual application user as per following figure.

Figure 6: Edit Application User

As per figure 4, Delete button uses to delete individual application role as per following figure.

Figure 7: Delete Application User

Now click on Log In menu button on top the right corner and login with following screen.

Figure 8: User Login Screen

Clicks on ‘Log In’ button as role based show following screen.The authenticate user must have 'User' role to access this screen.

Figure 9: Welcome Screen After Authorisation

If authenticate user is not authorised then shown following screen.

Figure 10: UnAuthorised Screen

Source Code Overview

Most of folders play same role as in MVC application but there are following more folder and files.

  1. wwwroot: It holds static js and css files.
  2. appsettings.json:It holds database connection string.
  3. Migrations: It holds database migration files.
  4. ApplicationUser: Custom identity User Class.
  5. ApplicationRole: Custome Identity Role Class.

LINK: https://code.msdn.microsoft.com/ASPNET-Core-MVC-Authenticat-ef5942f5#content