Microsoft.AspNetCore.Identity authorization or authentification with razor pages

0
votes

I try to use Microsoft.AspNetCore.Identity with pages. Can I do it or I must choose Razor Pages authorization conventions like in https://docs.microsoft.com/en-us/aspnet/core/security/authorization/razor-pages-authorization? I `see 

services.AddMvc()


  .AddRazorPagesOptions(options =>
    {
    options.Conventions.AuthorizeFolder("/Account/Manage");
    options.Conventions.AuthorizePage("/Account/Logout");
});`

I have .cshtml file with

  @model Proj_s.Models.AccountViewModels.RegisterViewModel
    @{
        ViewData["Title"] = "Register";
    }
    <h2>@ViewData["Title"]</h2>
    .......
    @section Scripts {
        @await Html.PartialAsync("_ValidationScriptsPartial")
    }

I replace @page @model Proj_s.Pages.Projects.DetailsModelwith @model Proj_s.Models.AccountViewModels.RegisterViewModel

What the best way to add authentification or authorization to existing razor page that does not contain this?

2
c#asp.net-mvcasp.net-core

2 Answers

1
votes

You can use ASP.NET Core Identity and Razor Pages. Check this article

In general, just create a template and see how this is implemented.

dotnet new razor --auth individual

Be aware though, that Razor Pages are a little tricky when it comes to customization.

0
votes

Most common and widely accepted practice is it use [Authorize] attribute. 

[Authorize]
public class AccountController : Controller
{
    public ActionResult Login()
    {
    }

    public ActionResult Logout()
    {
    }
}

This is how you protect your view. [Authorize] checks if the user is logged in or not and sends them back to the configured page (login) if they aren't. You can also check if the logged in user is in role like this [Authorize("RoleName")]

More details