My Razor Pages app is configured as follows. Startup.cs contains:
public void ConfigureServices(IServiceCollection services)
{
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlite(
Configuration.GetConnectionString("DefaultConnection")));
services.AddDefaultIdentity<IdentityUser>()
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddAuthorization(options =>
{
options.AddPolicy("RequireAdminRole", policy =>
policy.RequireAuthenticatedUser().RequireRole("Admin"));
});
services.AddMvc()
.AddRazorPagesOptions(options =>
{
options.Conventions.AuthorizePage("/About", "RequireAdminRole");
})
.SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Error");
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseAuthentication();
app.UseMvc();
}
I have a user with the "Admin" role. When the user is logged in and accesses the "About" page, I get the following:
Access denied
You do not have access to this resource.
What am I doing wrong?
UPDATE
If I remove the AuthorizePage
and use GetUsersInRoleAsync("Admin")
in the About.cshtml.cs
page OnGet
method, then output the UserName
property in the About.cshtml
page, the admin user is displayed. So, not sure why the AuthorizePage
is not working.
UPDATE 29-May-2017
My source code is in thisGithub Resository
I've managed to find the solution:
services.AddIdentity<IdentityUser, IdentityRole>()
.AddDefaultUI()
.AddDefaultTokenProviders()
.AddEntityFrameworkStores<ApplicationDbContext>();
I think it works as follows:
You must put .UseAuthentication()
before .UseMvc()
app.UseAuthentication(); app.UseMvc();
app.UseAuthentication(); app.UseMvc();
I lost a lot of hair because of this.
Please change these lines of your code and try again. Thank you
//Old
/*services
.AddDefaultIdentity<IdentityUser>()
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>();
*/
//New
services
.AddIdentity<IdentityUser, IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>();
The above answers did not work for me but after reading this on Github i changed the code from using Alan T's solution.
services.AddIdentity<IdentityUser, IdentityRole>()
.AddDefaultUI()
.AddDefaultTokenProviders()
.AddEntityFrameworkStores<ApplicationDbContext>();
To this
services.AddIdentity<IdentityUser, IdentityRole>()
.AddEntityFrameworkStores<AuthenticationContext>()
.AddDefaultUI();
the .AddEntityFrameworkStores<AuthenticationContext>()
needs to come after the services.AddIdentity<IdentityUser, IdentityRole>()
It works perfectly. I am not using TWO factor authentication so i dont need the .AddDefaultTokenProviders()
Hopefully it will help someone else who had the same issue i had with roles.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.