ASP.NET Core 7.0 Role Based Authorization || How to Implement Roles Based Authorization

Captions
Welcome to Macro Code. If you're new to this channel, consider subscribing. Today we are going to learn how to implement role-based authorization in ASP.NET Core. To start with, what is authentication? Authentication in ASP.NET Core is the process of verifying who a user is, and authorization is the process of verifying what they have access to. Some people actually confuse authentication and authorization. Authentication is just like allowing those users who you want to access the system, and authorization is how you will want them to access it, so you give them rights to access certain sections. We are going to create a project, and we'll be able to see how to register a user, log in to the application, register some roles and assign roles to users.

To start with, let's create a simple app. We are using ASP.NET Core, and we are going to create our project using the ASP.NET Core Web App (Model-View-Controller) template. We're going to call this, uh, authorization; let's call it role-based authorization. So let's create our project. For the framework we are going to use .NET 7, then for the authentication type you're going to use Individual Accounts, then we check Configure for HTTPS, then leave Enable Docker, then we can create. If we do that, our application will be created.

So here is our app. As you can see, on our app we have some files; these are the project's files. You can see we have Program.cs, and it has our default connection; this is giving us a connection to the database. It is using ASP.NET Core Identity and Entity Framework Core. You can see we have our Views, where we have the Home and Shared views, and we have appsettings.json, where we will be able to see how to configure this to our database. We are going to use MS SQL. Then we have our Models, where we'll be creating models; then the Data, where we have our ApplicationDbContext, which will actually act as
a connection to our database. Then you have the Controllers, where you have the HomeController, and Areas, Identity and Pages. Then you have wwwroot, which holds the CSS files, JS files and the icons. Under Dependencies we can see we have the packages, so you are able to see the installed NuGet packages.

If we just launch our app, we're able to see a default ASP.NET Core app using Identity. You can register a user and actually log in to the database. You can see we have this app; this is the role-based authorization app that you have just created. At the far end we have the Register button; you can register a user and actually log in to the app. But to begin with, we need to create a database. So let's create a database called authorization. I'll click OK. I'm going to copy my SQL instance; this is the SQL instance name. Then I'm going to paste this to our... so we can now stop this application, then go to appsettings.json, then under Server replace this with your server address. Then you can see we have the Database; we can replace this with the database name that we have just created, which is authorization. Ensure the names are actually correct. I'll just navigate to our database, rename, copy, then I come and paste it here.

One thing that we need to add to our app is to trust the server certificate. You can add Trust Server Certificate, then you can set this to true. So we have TrustServerCertificate equals true. That is it, we have done that.

The next thing that we need to do is scaffold and add the Identity pages. How do you do that? We can right-click on Areas, then Add, then come to New Scaffolded Item. Then you see we have the Identity section;
click on that, then Add. We are going to add all the Identity pages to our app. You can see these are the Identity layout pages that are there, so we can add all of them. If we select that, it will tick all, but you can also select only the ones that you want. For now I'll just pick all. Then for the data context we'll pick our data context: click on the drop-down, then we have the ApplicationDbContext, then we can click Add. It will add all these pages to our app.

So the application has created all our pages. If you navigate to Identity, you can see we have the Account; if you click it you'll be able to see all the pages. You have all the pages here: the Register page, the Login page, and also we have the Manage account, which has some pages as you can see. If we just launch our app, you can see our app is still there, and we can register the user and we can log in. So let's try to register a user, admin, and I'll just give my password. If I click Register, you can see it is telling us "A database operation failed while processing the request". We have not applied the migrations to our database. So what we need to do is come to Tools, then Package Manager Console; you can see you have this console down here. Since we have not altered anything, we can just update the database so that you have the default tables. There it is, it is done. If we come to our database and come to Tables, you can see we have the tables: we have AspNetUsers and AspNetUserRoles. So that is fine now.

We can try now to launch our app. If we launch our app, there it is. We can register a user, so just register a user. You can see it has registered the user, so we can click here to confirm the email. If you want to send the email, you can actually configure it to
share an email with you, but for now you have not done that. If we come to our database and come to AspNetUsers, you'll be able to see that we have registered our user. You can see there we are, and we can log in to the application. If you just give the email and the password then click Login, you'll be able to see we have the "Hello admin@gmail.com", so it has actually logged in to our app. We can also log out; you can see it has logged out.

So we have created an app where you can register a user and you can actually log in to the app. But now we need to create roles and assign roles to users. First, come to our application, then Program.cs. You can see there is a line of code here that is builder.Services.AddDefaultIdentity. We are using ASP.NET 7; those who are using 6 and below will do this in the Startup class. We'll change this to AddIdentity, then here we will also pass IdentityRole. Then another thing that you can do: we can add AddDefaultUI, then you can also add AddDefaultTokenProviders. So do that.

After you have entered these, let's come and add a roles controller. We need a controller that will only be adding roles. We can create an empty controller, and we'll call our controller Roles. So here we have a controller. Come to Views, then we add our folder for Roles. That is it.

Then we need to do something under Roles now. We need to inject... so we can have a constructor. There we are, this is our Roles constructor. You can have private readonly, then you need to have a RoleManager, then under RoleManager we'll pass IdentityRole, then we say that is _manager. Then you need to inject it here, so we'll say RoleManager, then IdentityRole, then we'll say
roleManager. Then we need to assign it here: we'll say _manager is equal to roleManager. So there it is.

After we have done that, we need to provide the list of roles in our Index. Here you say you want to get the list of roles, so you say roles is equal to _manager.Roles; this one will give us the list of roles. Then for the view, we will return all the roles that are there.

After you have done that, you can also provide a section to create the roles. We will define the Create, which is a GET; this one will only be returning the view for creating the role. Then we need another one for a POST that will save the role, but now we need to pass the IdentityRole here, and we'll say this is role. To save the data, we first need to check if the role exists; if it doesn't exist, then we need to create it. How do we do that? We can say if not _manager.RoleExistsAsync. We need to check it by the name, so we'll pass the role that we have supplied and the name, then we'll do GetAwaiter, then GetResult. If it doesn't exist we need to create it, so we'll say _manager.CreateAsync, then you pass the role. When we create, here we can do new IdentityRole, and we need to pass the name of the role, so you say role.Name. Then we say GetAwaiter, GetResult. That is it. After we have done this, we need to redirect to Index, so we can say return RedirectToAction, then we say... then you can now close this. Let me zoom it a bit so that you're able to see. So that is it for our CRUD controller.

The next thing that you need to do is to create our views. We have our Index, which should give us the list of roles, the Create that will give us the form, and the POST
action that will actually save the roles to our database. So come to the Roles folder that we created and add a new view; you can add an empty Razor view. We call this Index. After you have done that, we need to define how our roles will appear. You say using Microsoft.AspNetCore.Identity, then here we are going to have our model: say model, then IEnumerable, then you need to pass our IdentityRole. You can close that. Then you can define our title: we'll say ViewData, then we say we want the Title, then you can give it the value. We can say it will be Create... or, say, this is Roles; just call this Roles. Then you can close it. Then let's have the header; you can call this Application Roles. Then up there you can have the button to actually create our roles: you can say asp-action, and this one should point to the Create action. Then you can close this, and we say this is Create New Role.

After that, we need to define the table that will give us the list of... Then you can give the class; you can say table and table-bordered, then you can close this. Then you can provide the table header: you can do thead, close it, then the table row, also close that. Then we can now provide... this one will be Html.DisplayNameFor, then here we can say model, then you can say model dot Id. Then you can close that. You can also copy this, and we can now display the name of the role. Is there something else you can display? Let's see. So you can say Name and also have the NormalizedName, then you can have just an added empty one. After you have done that, we can now pass in the values. Come here, then you define the table body, then you can close, then we need to
loop and get the values of the list of the roles. So you can say this item in, uh, our Model; this is the list of roles. Remember this is in our table row, then you can have the table data. For the table data, you can say @Html.DisplayNameFor... so this one will be DisplayFor. Then we can say modelItem, and we will say item.Id, giving the values. We can do this again: this one will be Name, and you can also do this for the NormalizedName. Then you can also do an empty table data. That is it.

So we now have a list of roles, but to see these roles let's come to the shared layout; we need to add this to our tabs. The controller is Roles, the action is Index, and the name is Roles. If we launch our app, it should give us the default roles. Just launch it, then we should be able to access the roles Index page with a list of roles. You can see we have Roles; if we click this, you can see it gives us the Application Roles, then Create New, Id, Name and NormalizedName. We don't have any role currently.

So what we need to do is create another view for creating the roles. We will come to our application and stop this, then under Roles we create the Create view: come here, under Empty, then say Create, then Add. Here we also use @using, then you say Microsoft dot Identity, or I can say AspNetCore.Identity. Then we are also using our model, then IdentityRole. You can close this. You can also do this; it can be with... Then let's create our form to register the role. You can have class, then row; you can close this. Then you can say another div class, then you can add this as six; you can close this also. Then we can create the form. The method should be post, so you can have that and close it. Then inside the form
you can provide something like, uh, Create a New Role. Then we can do a brief kind of... Then you can provide another div class, then have form-group. Then inside it you can have our input, and I can say asp-for Name, then you can say class is form-control, then we can have aria-required, then you can have this true, then you can close it. You can also add the label: label asp-for, then use the Name, and also close this. You can do span: you can say asp-validation-for is the Name, then you can say class is text-danger, then you can also close it. Down here you can have our row, then you can have our button: you can say button, then type equals submit, then our class, you can say btn btn-primary for this button, then you can have the name of the button as Save. At the top here we can also do div asp-validation-summary ModelOnly, then you can say class text-danger, then again you can close. That is it.

If we launch our app now, we should be able to create the role. So let's launch it and see how it looks. If we come to Roles, we have the list of roles. If we click Create, you can see it has given us the create form. You can have the role, so you can say admin. If I click Save, you can see it has added the Id, which is unique to this role, and the normalized name. If I create new, I can say officer and save it; you can see the roles created. You can also say ICT, and I can also do CEO. It has created the role.

So we have seen how you can register roles. But assuming you want users to register roles while registering their account, we can provide this list of roles under this form, so that when the users are logging in to the application we can control the pages that they're accessing. So we can now implement the role-based authorization. First things first, we have created the roles, and you can see how we have done that. So if you are new to this
channel, consider subscribing and watching our previous videos.

The next thing that we are going to do is tie the roles to our registration form, so that you are able to select these forms when we are registering new users. How do we do that? We are going to go to registration. We will stop our app for now, then come to the Register page. You can see we have the Register page here, so come to Register.cshtml.cs. What you need to do is add the role manager, so we'll come here and also add our RoleManager. We just need to do this: say private, then readonly, then RoleManager, then you need to pass... you can see it has also given. Then you need to add it here: say RoleManager. It has done that. Then you need to assign it here, so we'll say _roleManager equals roleManager. It has done that.

The next thing that you need to do is define the fields for the roles. One thing that you need to do is get the list of roles, so that you're able to populate them on the register form. But we need to get the ID of the role that we selected, so we'll do a string, which can be empty... you can actually leave this as a mandatory thing, then you can have this as get, set. So we define that; add this after the confirm password. The next thing that you need to add is the list; we need to get the list of roles. How do we do that? We'll say public, then IEnumerable, then we need to pass the SelectListItem, then we'll call this RolesList, then get and set. This will be the list of our roles. Before we do that, we need to provide the select drop-down on our Register.cshtml file. So come to the view page, then we need to add the selection.
So we can copy this, then you can alter it. Come here, then for the input you can have this as select. Then as before you can say Input, then we have the Role, then form-control; this one, the class, will be the select class. Then you can see we have it here; you can remove the rest. The only thing that we need to do is add the asp-items, which is coming from Model.Input.RolesList, the one that we defined, so we'll say RolesList. Then we need to say aria-required equals true. Then down here the label is for the Role. Then we need to say this is a... actually you can remove this, and then the select, this is true... sorry, so we need to close the select. Then inside the select we can provide an option, so you can say Select Role. Then for the option we need to add something: you can say disabled and selected. So this is how our view will look, and here we can do the Role. That is it. So that's fine; we have our form, as you can see how it looks.

Then we need now to assign values to our list; remember we didn't assign values to this list. So when you come to our CS file, we need to go to the OnGet method; just scroll down and you'll be able to see it. Then here we need to say Input is equal to new Input, then we need to assign the list of roles to our list. So we'll say RolesList is equal to the role manager that we added, dot Roles, then dot Select: this one, say x, goes to x dot, and we get the Name of the roles. And for these roles say Select again, then say i, then new SelectListItem, then we need to open this... it is still open... then say Text equal to i, comma, Value equal to i. Then it can now close this... sorry... and actually close. That is it. So you have
closed that. So you should be able to get the list of roles assigned to our list here; when we run our app we should be able to get that list. But before that, after we have this list and the user registers the details, we need to save these roles to our database. So we'll come to OnPost, this action OnPost, and we need to add the option for the user to save their roles. Under this section, after the result is succeeded, just come inside here, then you say await _userManager dot add role, so AddToRoleAsync. Then you need to pass two parameters: we'll pass user, then comma, Input... remember the role string, so this one will be Input.Role, the role string that we defined at the top there. This one will tie the role with the user that we have created. That is it.

So we can try to launch our app now. Let's launch our app and see how it goes. We should be able to select from the list of roles that are there; remember we had created roles in our previous section. If we come to Roles, we have these roles already there. If you come to Register, we should be able to select a role. You can see we have email, password, confirm password and role. You can see we can now select the role. So let's add a user, test, then you can have the password, you can also have the other password, then you can select the role as admin. The password does not match; let me try to match them. You can see I've selected that. If I click Register, it has registered and we can confirm the email. You can set this up if you need it to be sending emails.

If you come to our database, you can see we'll be having two users here, but the first user we registered without the role. There is now another table; we call it AspNetUserRoles, and we have AspNetRoles. AspNetRoles will
actually save the list of roles that we have registered. You can see we have AspNetRoles; we have the role names and the normalized names. But now we have mapped our users to roles, so we have AspNetUserRoles. If we select this, we should be able to see the user ID and the role. Currently we have just registered one user with the role mapped to it. In case we add another one: if we do a register, we'll say test1, we also provide the password, we can also provide the password again, then I'll also give the role, then I register, and I can also confirm the email. If we come to our database, you should be able to see two; you can see we have another user with the role tied to it, and you can see our roles are there. We have the role that we registered and we have the user already added. We now have three users. Something interesting now: you should be able to see we have our roles that have been registered, and email; you can see the EmailConfirmed is set to true. So that's very interesting. We have seen how you register a user and map the user to roles.

We need to see how you can add custom fields to our AspNetUsers; this AspNetUsers is the default, and we can see we have the default fields. We now want to have the authorization in our project. We have created the roles and assigned users to roles, so we need to restrict some of the roles and the users to some areas. You can see we have our HomeController and the RolesController, which gives us a list of roles. Come to Program.cs; we need to add something. Under authorization, you can see we have authorization, so we need to add another one, app.UseAuthentication. You must also understand that authentication comes first, before authorization. If you copy this and paste it down here, it will not work, so you need to have authentication coming first, before authorization. So
kindly note that.

The next thing that you need to do: come to our controller, then we need to add here Authorize, so it will only be accessed by those that are authorized to access our app. If we launch our app, you must be authorized to access the Roles, that is, the Home, uh, controller. You can see it has redirected us to our account login page. If we log in, I'll just use test, then I'll provide the credentials, then I can log in. If I log in, you can see it has taken me to the home page, and here we have test@gmail.com. You can also log out. I can log in with admin, you can see, and I can also access the roles. If I log out, I can log in with my test and I can access the roles.

So assuming, for those people who will need to access the Roles section, the list of roles, those with the admin role only: if you want now to access this list of roles, you should be having the admin role. How do we do that? If you come to our application, at Authorize you will just do Roles equals, then you provide the name of the role, so we'll say admin. All those people with the admin role will be the ones to access this page; if your role is not admin, then you should not be able to access it. Let's try that. If we launch our app, you can see we have not logged in. If we click it and log in to the app, then click Roles, I should be able to access the roles; that means I have the admin role. Assuming I log in with the account admin, which had no role, you can see it is telling me access denied: you don't have access to this resource. So we have seen how to implement role-based authorization. If we log out and I log in with test1, this one was CEO, so I am denied. I log out and log in with test and go to Roles; you can see I can access my roles. So that is how you implement role-based authorization. So if you are new to this channel, guys,
consider subscribing and watching our previous videos. We'll be doing, uh, another video on claims-based authorization in ASP.NET Core. You have been able to see how you register users, register roles, and now have the roles tied to our app. You can see I can have this as Roles, so I can also do the CEO. We try and see if we can access that with a different account. You can see it is redirecting me to login; if I click that, you can see my access is denied. If I log in with test1, which had... let's see, which was the one having the CEO role? So let's copy this. You can register another user with that role, so let's register. You can now even use CEO, CEO@gmail.com, then you can provide the password, select the role as CEO, then register, then you can confirm the password. If we log in, we can log in with the CEO Gmail; you can see it is already logged in and can access the roles. So that is how you do role-based authorization in ASP.NET Core. If you like this video, guys, comment down below and give us suggestions on what you want us to do next. See you in... Thank you.
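
The configuration and controller described in the captions, condensed into one file as an added example (written for this page, not the video author's code). It goes one step beyond the video by checking the role posted from the registration form against a server-side list, because the drop-down does not constrain what a client submits; `RegistrationRoleAssigner` and `SelfAssignable` are hypothetical names, and the `Officer`/`ICT` choice, the `DefaultConnection` key and the Web SDK implicit usings are assumptions.

```csharp
// Added example: Program.cs, RolesController and a registration helper in one file.
// Assumes the Web SDK's implicit usings and a "DefaultConnection" connection string.
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddDbContext<ApplicationDbContext>(options =>
    options.UseSqlServer(builder.Configuration.GetConnectionString("DefaultConnection")));

// AddIdentity with IdentityRole (instead of AddDefaultIdentity) registers RoleManager.
builder.Services.AddIdentity<IdentityUser, IdentityRole>()
    .AddEntityFrameworkStores<ApplicationDbContext>()
    .AddDefaultUI()
    .AddDefaultTokenProviders();
builder.Services.AddControllersWithViews();
builder.Services.AddRazorPages();
builder.Services.AddScoped<RegistrationRoleAssigner>();

var app = builder.Build();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication(); // establishes the user; must run before UseAuthorization
app.UseAuthorization();  // evaluates [Authorize] against that user
app.MapControllerRoute("default", "{controller=Home}/{action=Index}/{id?}");
app.MapRazorPages();
app.Run();

public class ApplicationDbContext : IdentityDbContext
{
    public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options)
        : base(options) { }
}

// Only members of the Admin role may list or create roles.
[Authorize(Roles = "Admin")]
public class RolesController : Controller
{
    private readonly RoleManager<IdentityRole> _manager;
    public RolesController(RoleManager<IdentityRole> roleManager) => _manager = roleManager;

    public IActionResult Index() => View(_manager.Roles.ToList());

    [HttpGet]
    public IActionResult Create() => View();

    [HttpPost]
    [ValidateAntiForgeryToken]
    public async Task<IActionResult> Create(IdentityRole role)
    {
        if (string.IsNullOrWhiteSpace(role.Name))
        {
            ModelState.AddModelError(nameof(role.Name), "Role name is required.");
            return View(role);
        }
        // Awaited here rather than blocked on with GetAwaiter().GetResult().
        if (!await _manager.RoleExistsAsync(role.Name))
            await _manager.CreateAsync(new IdentityRole(role.Name));
        return RedirectToAction(nameof(Index));
    }
}

// Hypothetical helper to call from Register.cshtml.cs after CreateAsync succeeds.
// The posted role is attacker-controlled input, so it is checked against a fixed
// list of roles a registrant may pick (assumed here: Officer and ICT, never Admin).
public class RegistrationRoleAssigner
{
    private static readonly HashSet<string> SelfAssignable =
        new(StringComparer.OrdinalIgnoreCase) { "Officer", "ICT" };
    private readonly UserManager<IdentityUser> _users;
    public RegistrationRoleAssigner(UserManager<IdentityUser> users) => _users = users;

    public Task<IdentityResult> AssignAsync(IdentityUser user, string? requestedRole)
    {
        if (requestedRole is null || !SelfAssignable.Contains(requestedRole))
            return Task.FromResult(IdentityResult.Failed(new IdentityError
            {
                Code = "RoleNotSelfAssignable",
                Description = "This role cannot be chosen at registration."
            }));
        return _users.AddToRoleAsync(user, requestedRole);
    }
}
```

With this restriction in place, the first Admin account has to be assigned by an operator or a startup seeding step rather than through the public registration form.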
Info
Channel: Macro Code
Views: 7,057
Keywords: C#, AmigosCode, .NETCORE, Sundeep, Saradhi, freecodeCamp, ProgrammingWithMosh, MikeDane, IamTimCorey, TeddySmith, FireShip, DaniKrossing, Stefan Mischook, ASP.NET CORE, Coder Foundry, Jose Montemagno, .NET 7, Frameworks, Nick, Nickchapsas, Jake Wright, Keep On Coding, QuestPond, Comrades Flavour, Amigos, Developer Filip, TechWorld With Nana, Techworld, GotoConferences, CRUD, ASP.NETCORE, SQL, BoostMyTool, .NET 7.0, Authorization, Authentication, ASP.NET Authorization, Role-Based, Role-Based Authorization
Id: VZgxKbAdbbo
Length: 47min 21sec (2841 seconds)
Published: Thu Mar 16 2023