
Authorization in ASP.Net Core

I am developing an admin dashboard panel. I have created an intro page for the dashboard where users can log in. I have four types of user: Admin, SiteManager, PI, and EndUser. After successfully logging in to the dashboard, I also use an Admin Area for something named "Content Management", which is only accessible to the Admin, but when I try to navigate to this content management, it redirects me to the login (authorization redirect loop), even though the user is already logged in (because I put an if condition so that this content management is shown only if the user role is Admin).

I am using individual authentication and scaffolded Identity on ASP.NET Core 3.1. I don't know how to solve this redirect issue!

Below I put some code snippets:

[Authorize(Roles = SD.SuperAdmin)]
[Area("Admin")]
public class HMController : Controller
{
    private readonly ApplicationDbContext _context;

    public HMController(ApplicationDbContext context)
    {
        _context = context;
    }

    // ... actions omitted in the original post
}

Note: the if condition mentioned above is in the _layout page, and the Admin Area uses another layout (not _layout)! Also, I have already checked in SQL Server: the roles and the user are created and functional!

The _layout code:

@if (User.IsInRole(SD.SuperAdmin) || User.IsInRole(SD.ManagerUser))
{
    ...
    @if (User.IsInRole(SD.SuperAdmin))
    {
        ..
    }
    ...
}

If you check for a logged-in user in the Login action and route the user by role there, you solve this problem.

if (User.Identity.IsAuthenticated)
{
    if (GetUserType() == "Admin")
        return Redirect("Admin/Index");
    else if (GetUserType() == "Context")
        return Redirect("Context/Index");
}

For example:

  • If an admin is logged in to the system and clicks a page they are not authorized for, they are redirected to Account/Login.
  • The Account/Login page checks whether the user is logged in.
  • If the user is logged in, redirect the user to their homepage.
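
The check this answer describes, written out as an MVC Login action with the return URL validated. This is an added example, not the answerer's or the project's code; the AccountController, the SD role values, the Index actions and the Dashboard controller are assumptions.

```csharp
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

// Assumed role constants: the page's SD class is not shown, so these values are constructed.
public static class SD
{
    public const string SuperAdmin = "SuperAdmin";
    public const string ManagerUser = "ManagerUser";
}

public class AccountController : Controller
{
    [HttpGet]
    [AllowAnonymous]
    public IActionResult Login(string returnUrl = null)
    {
        // Anonymous visitor: show the form. Keep returnUrl only if it is local,
        // so the post-login redirect cannot be pointed at another site.
        if (User.Identity?.IsAuthenticated != true)
        {
            ViewData["ReturnUrl"] = Url.IsLocalUrl(returnUrl) ? returnUrl : null;
            return View();
        }

        // Already signed in: the user was sent here from a page they may not be
        // allowed to open, so do not bounce back to returnUrl (that is the loop).
        // Route by role to a landing page the role is authorized for.
        if (User.IsInRole(SD.SuperAdmin))
            return RedirectToAction("Index", "HM", new { area = "Admin" }); // assumes HM has an Index action

        if (User.IsInRole(SD.ManagerUser))
            return RedirectToAction("Index", "Dashboard"); // hypothetical controller

        // No matching role: show an access-denied page rather than the login form.
        return RedirectToAction(nameof(AccessDenied));
    }

    [HttpGet]
    [AllowAnonymous]
    public IActionResult AccessDenied() => View();
}
```

The role-based redirect only picks a landing page; access to the Admin Area is still decided by the `[Authorize(Roles = SD.SuperAdmin)]` attribute on the controller.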
