I spent two weeks searching for solution which allows me to make permission-based authentication. I have database schema like this
User <- Role <--> Permissions
Users has only one role which is connected with permissions using many to many relationship
I already wrote my models for these entities.
I start with Asp.Net Identity, but its default schema isn't designed for permission-based authentication.
I also tried to use Cookie Middleware but i can't override ClaimsPrincipal and use my model of user account
The only thing I can do at the moment is writting from the beginning a simple authentication library that uses the session, but it's bad idea due to security issues
Documentation of new version of Asp.Net mvc isn't finished yet, but maybe someone know how to help me ? :/
There are two options.
You can leverage the cookie authentication system identity uses without having to roll your own, getting the signed validation for free. All you would need to do, at a minimum is implement login, logout and a forbidden page.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.