Click here to Skip to main content
16,017,319 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
hi
I wrote my project with asp.net core 3.1
My tables are similar to the tables
Now, when I enter the main page after logging in and click on the relevant menu, it directs me to the login form. Login again and click on the relevant menu and then redirect me to the login form again and this cycle continues

My role table in this database: UserGroups
Access table: UserKeys
Role and user relationship table: UserGroupMembers
Role and Access Relationship Table: UserGroupKeys




<pre>        public void ConfigureServices(IServiceCollection services)
        {
            services.AddDbContext<ApplicationDbContext>(options =>
                options.UseSqlServer(
                    Configuration.GetConnectionString("DefaultConnection")));

            services.AddDbContext<KMCPortalDbContext>(options =>
                  options.UseSqlServer(
                      Configuration.GetConnectionString("DefaultConnection")));

            services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
                .AddCookie(options =>
                {
                    options.Cookie.HttpOnly = true;
                    options.ExpireTimeSpan = TimeSpan.FromMinutes(30);
                    options.LoginPath = "/Account/Login";
                    options.AccessDeniedPath = "/Account/AccessDenied";
                    options.SlidingExpiration = true;
                });


            services.AddAuthorization(options =>
                   options.AddPolicy("Upper-Admin",
                       policy => policy.RequireClaim("UserGroupKeys")));
 // Upper-Admin is the role defined in the UserGroups table and UserGroupKeys is the same as the role and access relationship table</small>


            services.AddControllersWithViews();
            services.AddRazorPages();
        }


What I have tried:

<pre> // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
                //app.UseDatabaseErrorPage();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
                // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
                app.UseHsts();
            }


            //app.UseCookiePolicy(cookiePolicyOptions);
            app.UseHttpsRedirection();
            app.UseDefaultFiles();
            app.UseStaticFiles();
            app.UseRouting();
            app.UseAuthentication();
            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllerRoute(
                    name: "default",
                    pattern: "{controller=Account}/{action=Login}/{id?}");
                endpoints.MapRazorPages();
            });
        }
Posted
Updated 1-Aug-21 22:37pm

1 solution

Your policy uses RequireClaim, which means the authenticated user must have a custom claim called "UserGroupKeys". This is not a standard claim, and will not be set by the default authentication code.

If you have custom authentication code to set this claim, then you will need to update your question to show it. Otherwise, assuming your roles are working correctly, I suspect you meant:
C#
services.AddAuthorization(options =>
    options.AddPolicy("Upper-Admin",
        policy => policy.RequireRole("Upper-Admin")));
Role-based authorization in ASP.NET Core | Microsoft Docs[^]
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900