
ASP.NET Core 2.1: Razor Pages - role based authorisation not working

My Razor Pages app is configured as follows. Startup.cs contains:

public void ConfigureServices(IServiceCollection services)
{
    services.Configure<CookiePolicyOptions>(options =>
    {
        // This lambda determines whether user consent for non-essential cookies is needed for a given request.
        options.CheckConsentNeeded = context => true;
        options.MinimumSameSitePolicy = SameSiteMode.None;
    });

    services.AddDbContext<ApplicationDbContext>(options =>
        options.UseSqlite(
            Configuration.GetConnectionString("DefaultConnection")));

    services.AddDefaultIdentity<IdentityUser>()
        .AddRoles<IdentityRole>()
        .AddEntityFrameworkStores<ApplicationDbContext>();
    
    services.AddAuthorization(options =>
    {
        options.AddPolicy("RequireAdminRole", policy => 
            policy.RequireAuthenticatedUser().RequireRole("Admin"));
    });

    services.AddMvc()
        .AddRazorPagesOptions(options =>
        {
            options.Conventions.AuthorizePage("/About", "RequireAdminRole");
        })
        .SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
        app.UseDatabaseErrorPage();
    }
    else
    {
        app.UseExceptionHandler("/Error");
        app.UseHsts();
    }

    app.UseHttpsRedirection();
    app.UseStaticFiles();
    app.UseCookiePolicy();
    app.UseAuthentication();
    app.UseMvc();
}

I have a user with the "Admin" role. When the user is logged in and accesses the "About" page, I get the following:

Access denied

You do not have access to this resource.

What am I doing wrong?

UPDATE

If I remove the AuthorizePage and use GetUsersInRoleAsync("Admin") in the About.cshtml.cs page OnGet method, then output the UserName property in the About.cshtml page, the admin user is displayed. So, not sure why the AuthorizePage is not working.

UPDATE 29-May-2017

My source code is in this GitHub repository.

I've managed to find the solution:

services.AddIdentity<IdentityUser, IdentityRole>()
    .AddDefaultUI()
    .AddDefaultTokenProviders()
    .AddEntityFrameworkStores<ApplicationDbContext>();

I think it works as follows:

  • AddIdentity - Sets up identity.
  • AddDefaultUI - Use new Razor Class Library UI.
  • AddDefaultTokenProviders - Needed for two factor authentication.

You must put .UseAuthentication() before .UseMvc():

app.UseAuthentication();
app.UseMvc();

I lost a lot of hair because of this.

Please change these lines of your code and try again. Thank you

        //Old
        /*services
            .AddDefaultIdentity<IdentityUser>()
            .AddRoles<IdentityRole>()
            .AddEntityFrameworkStores<ApplicationDbContext>();
            */

        //New
        services
            .AddIdentity<IdentityUser, IdentityRole>()
            .AddEntityFrameworkStores<ApplicationDbContext>();

The above answers did not work for me, but after reading this on GitHub I changed the code from using Alan T's solution.

services.AddIdentity<IdentityUser, IdentityRole>()
    .AddDefaultUI()
    .AddDefaultTokenProviders()
    .AddEntityFrameworkStores<ApplicationDbContext>();

To this

services.AddIdentity<IdentityUser, IdentityRole>()
    .AddEntityFrameworkStores<AuthenticationContext>()
    .AddDefaultUI();

The .AddEntityFrameworkStores<AuthenticationContext>() needs to come after the services.AddIdentity<IdentityUser, IdentityRole>().

It works perfectly. I am not using two-factor authentication, so I don't need the .AddDefaultTokenProviders().

Hopefully it will help someone else who had the same issue I had with roles.
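The question's update shows the user is in the "Admin" role in the store while the "RequireAdminRole" policy still denies access. The following page model is an added diagnostic example, not code from the thread or from the asker's repository; the RoleCheckModel name and its properties are hypothetical. It puts the roles in the Identity store beside the role claims in the signed-in principal, which is what RequireRole("Admin") evaluates.

```csharp
// Added diagnostic example (not from the original thread).
// Hypothetical page model, e.g. Pages/RoleCheck.cshtml.cs; the matching
// .cshtml only needs to print the three properties below.
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc.RazorPages;

[Authorize] // signed-in users only; no role requirement, so the page stays reachable
public class RoleCheckModel : PageModel
{
    private readonly UserManager<IdentityUser> _userManager;

    public RoleCheckModel(UserManager<IdentityUser> userManager)
    {
        _userManager = userManager;
    }

    // Roles recorded for the user in the Identity store (database).
    public IList<string> StoreRoles { get; private set; } = new List<string>();

    // Role claims carried by the cookie principal; RequireRole checks these.
    public IList<string> PrincipalRoles { get; private set; } = new List<string>();

    // Same check the "RequireAdminRole" policy performs on the principal.
    public bool PrincipalIsAdmin { get; private set; }

    public async Task OnGetAsync()
    {
        var user = await _userManager.GetUserAsync(User);
        if (user != null)
        {
            StoreRoles = await _userManager.GetRolesAsync(user);
        }

        // Use the identity's own role claim type; ClaimTypes.Role is the default.
        var roleType = (User.Identity as ClaimsIdentity)?.RoleClaimType ?? ClaimTypes.Role;
        PrincipalRoles = User.Claims
            .Where(c => c.Type == roleType)
            .Select(c => c.Value)
            .ToList();

        PrincipalIsAdmin = User.IsInRole("Admin");
    }
}
```

If StoreRoles lists "Admin" while PrincipalRoles is empty, the role exists in the database but was not written into the sign-in cookie. The cookie keeps the claims issued at sign-in, so sign out and back in after changing the Identity registration before re-testing.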
