Asp.NET Core Authorization from database

0
votes

We are starting a new ASP.NET Core web site and the customer would like to handle the authorization using the database. So they want to configure custom roles and the actions to be configured in the database.

I have been trying to find an example or something to help me implement this, but could not find. Can this be achieved using the Authorize attribute from framework or a custom filter needs to be implemented?

EDIT: I should probably mention that the application is an intranet so Windows Authentication is used for authentication

1
asp.net-mvcasp.net-core
how you did authorization, before without database? - Sabir Hossain
There was no authorization on the previous project. Only the menu was available to the user or not based on the database - Dan
better you first learn about Authorization and Authentication from MSDN. this is not something that will see an example then you will create your own, this is security and you have to know how asp.net identity works.. - Sabir Hossain

1 Answers

0
votes

Short answer Yes.

Long answer... This can all be achieved from the database you can configure up using existing methods with Identity, and from there create all the custom roles and even policies that you want to have and be able to assign, to each user individually or via roles.. Authorize attribute will work just fine with cookies. My only recommendation is that you try not handle security yourself but let the framework handle this for you.