ASP.NET MVC - How To Implement Role Based Authorization

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hi guys welcome to digital Tech joint it's been a while that I have not released any videos in this channel because I was busy with my assignments and project however I am back and let's get started in this section we are going to cover about how do you manage role-based authorization using identity framework 6.0 I had released a similar video where I demonstrated how to implement identity framework and include registration login and logout functionality in your project so this is an extension of this video where we are going to go ahead and show you how you can modify that existing framework and also how do you add a role to your identity framework which will enable you to manage the entire modules using role-based access let us proceed so first I want to clear a very basic concept on authentication and authorization I know many of you are aware of this topic but I still want to highlight and walk through in a very short span of time so what is authentication authentication is a process of verifying who the user is in a previous video we showed you authentication where we created a sales model we added all the functionality of adding operating deleting a sales lead and then we restricted that axis by using Authentication so in that previous video I had shown you how do you register a user and how do you enable the user to log into system in order to access the Cs module now when you talk about authorization authorization is nothing but providing the right access to the right user for example authorization comes into picture typically when there is a user called admin who has all the access to the model whereas an employee of the same application will have limited access to to certain models that is only belongs to them so authorization is something that we are going to cover in this topic so let me iterate what I just mentioned in my previous video which you can go ahead and access in my channel and I recommend that anybody coming to this video directly without watching the previous video I recommend them to go ahead and then watch those video where I have implemented registration login and logout using framework identity framework so what what was covered in the previous section so we created a sales model because we wanted to show a real weight scenario so we created a sales model having all the functionality of the group then we included the identity framework service in our project we also included registration login and logout functionality we use migration command to create the default tables of identity service in our database that includes users rules claims role user mapping Etc and then finally we use the keyword authorize and we made sure that anybody accessing the application should log in and then only access a module the link of the videos over here and it will be also paste in the description so that you can watch that video and then you can go ahead and watch authorization video which is covered in this topic now what are the topic that we are going to cover in this video section in this video I'm going to cover the capability to include identity role class that enable you to add new roles in our application will show how do you create a new rules and then very important we are going to modify the registration module the default registration module which gives only the capability to add the email and your password and your confirm password here I'll show you how do you modify the default registration and include more fields and most importantly I also give you the option to select the role while you are adding a new registration so you know every user as a role assigned to it and finally we use the migration command and add those new columns in the registration and then I show you how do you control your sales module with multiple rules in your application how do you manage your manage your sales module while providing the right access using the role authorization so typically in a sales module there could be one admin we'll have all the access then there could be sales people who will not have access to delete or update any record so I'll show you how to implement that so guys let's move to the radar Android session but before we go to the registration I will just show you the video so this video is available in our Channel identity user registration and login which is right over here you can access this I recommend that you watch this video and then I'll also walk through the previous project I'll just run this project and show you a demo so this is a project which was loaded now this is by default oh screen this is displayed over here and right now there is nobody else logged in so users are not logged in and we have an option to register so when you go ahead and access the sales lead you see it is redirecting the default login page okay so in order to access the saved model we need to log in so I will show you what we did in the previous module we can enable this registration where we add access to adding a user user one password is admin one two three dollar is in one two three dollar and then I click on register so once the user is registered successfully it will show over here login and register now this is a page that is by default created in ND service we can skip this so basically the user which is added right now so there is a mock-up like you have to just click on this click here to confirm the account and once you click on that it gets it it's like a scenario where typically a email will go to the user but in this case since we are not sending an email dot rate is given this framework we can skip this option and directly send the email to so once the user is logged in now I should be able to log in with the user just added user requirement yahoo.com that way one two three dollar and click on login so now you can see hello user1@yahoo.com and then we have the logout option now if you click on the sales lead I'll be able to create it user sales lead I'll be able to create new sales I'll be able to edit it and I'll be able to even delete it so this is a model which is accessed to this particular user user one we can go ahead and add one more user so that I'll just show you it is common for all the users so this user 2 is also added and I just click on click here to confirm the account once it is done I'll just use user 2 at the rape yahoo.com and add plain one two three dollar so you see it is logged in with user 2 also and now we will click on Save model so I am able to access everything so right now if you notice that every user that is added to this application is able to access the sales lead module also while I do a registration I don't get any option I don't get the option to enter my name first name last name or I don't get option to enter my address City or most importantly right now this model does not have any identification on what role the user belongs to so this is what important thing we are going to do we are going to modify our default registration screen so that even you can use identity service and save lot of development time and efforts then once we create that option we are going to add one module over here which will help you to add rules in the application obviously that model will be given access to only either administrator of the system now enough of talking handy enough of all the demo which I showed to you let's Deep dive and start modifying this project which I scripted over here to include the option which we just discussed before we go into that I would like to show you database this was a database created in the previous table and these were the default tables that was added after our identity service was included in our application and this is a sales model table right so let's go ahead and make the changes in our project to include the new features that we just discussed so guys the first step that we want to do is that in our project we will need to include the capability of enabling rows in our project let us go to program.cs and see our code which we had written to enable registration and login so here is a code which was added by the identity framework which says build a service add default identity and it is injecting the identity user class now identity user class is manages the user registration validation lockout session management and everything but in order to include our rows we need to also inject the identity rule class now if you notice here in the bracket we have option sign in require confirmation confirmed icon so this is a this is a point where users are asked to click on the confirm and then only the user in case identity database we actually don't need to do this we can do that in the little section where once the user does a registration we can send a mail real time so that we don't want to get into this mock environment where we have to click on the link to confirm the user so in order to remove that we simply need to remove this option over there and add the capability of identity rows so in order to do that just say add click on ADD default token providers because we need to manage our token and then enter and say add roles and we are going to pass identity rule so this includes this injects the identity role also and then it gives the same class will help us to create module controller and view in where we can use the same class identity role and extend the capability to add the neurals so once this is done we will rebuild it once and then we'll create a controller class for providing option to the user to add new roles so it's ready right click on the controller and add a new controller select an empty controller and name it as foreign so this is the name of the controller approach so here the controller is enabled now what we need to do is add the references so I'm going to add Microsoft Dot a code dot authorization so yes this is important you need to add authorization and then you need to add Microsoft please Dot this productive code and identity and my class so this is my controller class app Rose so what I'm going to Define is I'm going to declare a variable as read only rule manager and I'm going to use identity rule so this is a variable which is defined and now I'm going to use a Constructor say it you are tap tap and then the Constructor is created and here I am going to pass the role manager and you have initialized this variable over here so once this is done first I need to list down all the role managers in the system so in my index screen I'm going to Simply say where roles I Define a variable diagram sorry I just call this underscore role manager and say rules and I pass this to my view so this becomes list all the rules created by users okay so once this is done I'll go ahead and create one more method to create new role now this will be a post method so I can specify post and I'm going to create public action and create this method was just written a view and this will not be sorry this will not be post it will be get because this will return a view that enables user to add neural and this will be post we should actually add new role added in a system this will be basic task [Music] I actually result and we are going to pass identity role this will be a model so first thing we need to before we create we need to check whether this rule is already available so we are not going to create any duplicate role in our application so we are going to say if not role manager dot role exist sync and this will be model which is passed at the mean foreign so if it is does not belong then it will enter the score and here we are going to say role manager dot click SC new identity role and we have this modern dot name and same get results that's it so what is this going to do is just going to check whether it's already there if it is not there it is going to create it and then we are going to redirect this redirect to action and this will be index so we are going to work over here on only on the creation of neural we will get back to creation of edit rows and delete rows later or you can just comment if you really want this code because I have created a lot of videos on how do you manage how do you edit and delete and modify a view rows so right now let's be focus and create the neuros in the system because we have got a lot of work to do now once the rows is created we need to map it with the user and then actually see how authorization works so this covers only creation of neuros let's go ahead and add the index for this so let's first add index to display all the Roses system right click on the index method and say add view select an empty View and name it as index so once you do that you can see under the views you'll see approach the front return name and then you can see the index which is created over here now we have to write some codes over here eraser eraser syntax and display the records which is added you know this is the rules added in there so in index page first thing we are going to add the reference to our Microsoft dot asp.co.nt Library and then we are going to refer our model so we say model and cap small and it will be I will identity rule all right so we added this because since we are going to show multiple records so we have used the I numerable class and we are first injecting the identity rule now we are going to just write a couple of ways of each code and data this will be a title application rows right so this will be already so our adding will be videos and then we use the P tag and here we'll add a button action as create this is still not created this created in our controller yes you have to and create a role right so this becomes our button so here we are going to create a table class and repopulate this will be our editing and this will be HTML dot display name model Dot ID I want to show you the ID this will be so this will be not Capital it will be small animal this will be small display form got it and then similarly we'll have one more adding which will show the name so we just copy this and then we paste it and this will be the name right so this is an Eddy and now we go to the row section we add one empty headers and then we close our row five so this we have one row and just copy this over here so this becomes one row this is empty ID right now we come to the body section and we are going to use for each Loop okay and this time the model will be capital oh it's RTR DD we are going to use HTML dot display for and another item already item dot ID so this becomes one section and then we have one more TR and this becomes our name so we have successfully displayed our rows in our section right now there is no record but let's go ahead and also write the code for create so right now let me just run the application show to you and there's some accession let me go ahead and check what is issue let me go and check the inputs so there is some razor page exception which is coming let me go and check what exactly it is thank you guys I found the issue the issue was because in our approach controller and address is reference using esp.net core so this is a wrong reference and because of that there was an exception I'll just show the accession right to everybody so I'm just not removing this I'm just running the project and you will see it in an exception coming yeah this is error but very surprisingly dot it is not showing exactly where the issue is it's just showing zero errors but then I found it so I remove this line and we'll go back to our app role index page where we have written a code to display the records so let's go ahead and before we run this project let's go ahead and add this rows Link in our common layout page so let's go to shared folder there's a layout and privacy over here so what we need to do is copy this sales read and just stop paste top of the sales lead and this will be our controller will be approach and this will be index and this will be rules so right now we have added this link over here and let's go ahead and run this application now so we can see the link over here now rolls we click on that and right now there is no record so it will show empty and this is the create method that we have added in our controller approach create but we have not added any views so when you click on that it will throw an exception the page is not found so now in the next code let's go ahead and add the view so in order to add a view just right click on the create a get method in our approach controller right click and say add View theater laser view empty one and name it as create so this is a create view here we are going to first add the reference we are going to see using Microsoft dot asp.net core and identity and then you refer the model so m capital and identity rule this time you're not taking an i in numerable class because we want we are dealing with a single record identity identity rule yes and here I'm going to just paste the HTML code which is pretty straightforward so we have added a class which is when we are using a form method post and this is a create rule we're adding we have only one field called the name which is the role name within validation and a button submit we should actually call post method over here and clear the record let's have a breakpoint over here and now since we've added this let's go and run this application and let's create one rule and see it in the listing page so if you click on the rules and we see an empty list we click on create this time our view is open so we are going to see sales so there is a sales rule we click on Save we call a breakpoint here we are checking the sales is already there in a database I'm sure it is not there so it will go go inside this code and create this role successfully it is created and then it is redirect to your listing page where you will be able to see the unique ID and the role says let's go ahead and add one more rule called admin click on C so we have two rows now sales and admin we can add monos but for the demo for authorization demo these two rules are enough now in the next session since our rules is created let's go ahead and now in the next session add the capability of AD selecting the role while we are doing the registration and then basis that we are going to use the authorization part over here okay and manage the authorization between the sales and the admin now if you notice sales model is easily accessible to everybody even if you are not login so in order to restrict that let's go and add the authorized tag so that it redirects us to the login page so in order to do that you have to use this authorized keyword come to our approach just right above the controller and we just paste it you'll have to save it and rebuild it again since we have made a change in the Cs file so now if you see if I click on rules it will redirect us to the login screen but here also we need to make some changes we need to make authorized and authorize only the users who have the access of admin who are playing playing the role of admin not the sales so let us see how do we do that first let's go ahead and extend our registration page module and include our roles in a registration that's important let's do that because I'd like to show you the database before we start editing or adding any record to our database so here we are focusing on new users so if you see the user table we already have two records which we are added okay and these are the columns so let me show you the design view so here these are the columns these columns were added by the framework Itself by default and we are out of this all these Corners the only thing that users are visible is the email and then the password okay which they are asked to enter now here we need to add two columns we are going to add the first name and the last name to our database so that the user enters the first step last name the email the password confirm password and select the rule you don't have to add the rule over here because it is a separate table given by the framework for example we have the asp.net role where we added two rows over here you can see that there are two rows added sales and then admin and then we also have the user and the rules model so here if you see there is there is no user ID as well as rule so what are we going to do we are going to add the new two columns in our user table and once this user submits the data we are going to add that into this table along with the new columns first in the last name and after that we are going to take the user ID and the role ID then add it in our user roles table the bright focus of this agenda is said to help you understand and show you how you can extend the default registration form this is just the few examples this is just an example where I'm adding first name and last name but in your case there could be a scenario where you can go ahead and add you want to add the address city state and mobile number while doing the registration so I've shown you the table now let's go to the code here in order to add the columns we need to extend the identity user class so what are we going to do is that we are going to add a model and add a class called application user you can name it any class this is just for example and in this application user I am going to implement identity TT user plus so this application user is now implementing identity user now here and this identity user is actually linked with this table and the columns that is defined over here so what I'm going to do is that I'm going to Define two properties called first name and then as I told you your requirement could be more you can add more columns as per requirement and lastly so now I'm going to add these two columns I've added this class and which implements I replacer and I added this to properties my expectation is these two columns should be added in our user table since a class is ready let's invoke our migration to command and so I click on tools use it package manager console and I'm going to run the command add migration and name it as new user registration columns so the migration started and we should be able to see it's getting succeeded yes and the class is ready the migration class is ready let's go to the migration class new column registration and let me go ahead and update the database yes even this is successful now if you go to our table and refresh your table you see in the columns I should be able to see two new columns first step and the last step let me go and check the design this something went wrong let me go ahead and check what went wrong why was the column not added let me go and check the migration so in the migration yes there is a migration new code added but the columns was not added let us see the script whether we are able to find any issue okay so I think let me go to the data folder application DB contest class and I think I have not added the table over here let me add that over here so I should have at least adding the DB set over here this is the application user so this was missed what I'm going to do is that since I missed this line over here what I'm going to do is that I'll first remove the migration I'll say remove migration [Music] okay now let me go and check the migration table and just refresh it once okay it is still there but let's try and creating this migration again add migration new registration columns yes so this time you can see The Columns the name is displayed and I'm sure this time you should be able to add in the database so we say update database unique let me go ahead and refresh it once Google design view let me just delete this discriminator column and update database yes this time it has worked let me just refresh it and I should be able to see select you can see the column is added I'm going to design view and you can see the column was added so what was what went wrong is that while we added this new columns it also included the discriminator discriminator column which actually discovered thanks which is the default user and which is user which we have added so there's some identification even it added these columns by default because I had not defined that column in my application user class and that column was already part of the table so I deleted this manually and saved it and then executed this command and was able to add these two columns in the database now we have these two columns in a database now let's go ahead and make the changes in our front end registration screen let's close all these windows and let's go ahead now and add the columns in our registration screen so in order to access our registration screen go to area that was created by default when we implemented our identity service and inside the identity we had added the following Pages we click on accounts so we had added this following pages and now we are working with the registered page so click on the register CS HTML so here entire identity framework was developed in Razer pages and that is why it is very essential to understand how the Razer pitch work you can watch my Eraser page course available in my channel visit with that developed a complete module designing and developing entirely stuff in the razor pages so you can prefer that for better understanding in this page we have the Razer CS HTML page and that inside that we have the Cs html.cs where the code is written foreign definition you can see the rational model which implements page model now this is the code behind file for registration page where we can see it implements the identity user and now we will inject the identities all over here so that user can select the role from the list and here then very important we have the class called the input model where it defines the email the confirm password and here in the same piece of code in the same section basically we in this input model we are going to include the first name last name and the rule also so then in the for the substitute section when we are going to fetch the rules from our roles table and then while we save equivalent to add this first name last name also over here which is not there in the default code and then finally the user is successfully added then we are going to patch it and include that role to the particular role that we had selected so this is the piece of code that we will need to go ahead and change it so that it becomes customizable for as per our requirement so let's go ahead and do that so in the registration.cs code we go to the top section and here we first declare r arival for rules so we are going to say private read-only role manager and I'm going to object identity role class and I'm going to name it as underscore role manager so once I declare it in my Constructor I'm going to pass it so yes yes role manager and here you can see it's already initialized over here so that's quick okay so once so what's the role manager class is implemented the next thing we are going to do is that we are going to go inside this input model class right over here and we are going to include the first name and the last name so we'll just copy this email and go to the top and just paste two types and this will be our required this will not be an email this will be first name which is defined so display name will be first name and it is required and this would be let's copy the same one and repeat it again and this will be last name lastly so this two columns is added in our input model property before we go ahead and change the razor page code let's go ahead and also add the role required so we will have something called just copy this and remove this and this will be option and this will be rule so here we have something called Rule which would become from our role table and then we will Define a variable that will actually valid all all the list of rows added in my table so this will be validate level since we don't validate this is just a variable that will hold all the rows so this will be I numerable and it will be selected it will be select list item okay and this will be role list get inside so these are the two things so we have added the role field which will actually once the user select the role this back this variable will have that value this will be role like that is the list of rules that will be fetch from tables and displayed in the drop down and obviously then we have the first time the last game defined in our property so now let's go ahead before we proceed with the coding and adding this rows and everything let's do one thing let's go ahead and make the changes in our Razer pages so let's go to register okay and what we do is that we are going to copy the fields okay so what are we going to do is just copy this email and paste it two times okay and this will be first name so now this is displayed because we have added it into our input module so this will be first name this will be first name and this will be first link okay and similarly this will be last name last week lastly and this is last week so we have included these two Fields now we have to go ahead and also include our rows so what we're going to do is right after the password you just copy this password field and paste it uh this will be our role this will not be form control so there's some changes over here so what we are going to do is that this will not be an input but this will be a select and for this is right and then there will be something called we are going to use a tag items and we are going to say model dot input field dot rule list we Define this in our input model to and this will be class form and this will be select class will be form select we don't need this right and now we are going to Define so make sure that you feel like cannot do this closure will have to close it select okay and then remove this and inside the select we are going to say option option disabled and selected and this will be select rule now we need to add a validation so for this will be our role over here so this will make sure that our role is selected so our razor page code is ready let's go ahead just see how does it look fine so our project is loaded let's click on register once you click on register okay there is the next section okay because this is null because we have not initiated the variable yet that is why it's throwing an error so let's do one thing let's go to our code register.cscs code and in the so we have defined everything over here and let's go ahead and calculate error and make sure that it is required so you will no this is not required because we already marked report for rule so this should not be a problem now in our odd get method in our on get method we are going to actually fetch this rules okay and so that our variable is initiated initiated so let's do one thing let's write a code input because your new input module and here we have defined the role list so let's calculate the role list role list equals to close manager dot roles dot select we are using Lambda expression X that we are going to select the name and select I love that new select list item and here the text I and the value will be also I will be close effect so what else we have done is now we have initially we have fetched all the rows from our role table over here you can see our rules are two rows it is fetching this in on here so onglet is the method which is called first when the page is eraser page is loaded so now since we have initialized it let's run the application and see given the drop down having the list of values so let's click on register I hope this time you don't get any exception yes we did not get any exception you can see the first name last name email password and now let's click on the role yes you can see the sales and admin model is displayed success so we have successfully modified our registration page let's get rid of these section which is not required in order to do that let's go to our registration page and go to the receipt View and here you can see there is a dip okay just select it and this either deleted it or commented yes it's all commented now let's go ahead now since we added the columns information page and also fetched the rules on the on get method action method let's go ahead and now make changes to actually save this in our database record so our on post async method is the one which actually fetches the record from the front end and then saves it in a database so here there is a first change what is happening in this code is why when you click on on test there's a instance created create user and it fetches all the records from the front end which it was doing which had in the email and the password and then it is to save that record after it's successfully created it so here it is a change we need to include our first name last name and also the rules so let's go to this create user which creating an instance and here if you see added user so we need to make a change over here it's Rover and an end user but this will be an application user so because this is our class which is implementing so identity user as I mentioned let me just show you once again so that you don't get confused so this is adding to user but now we have a class which we created application user which implements identity user plus addition to columns so that is the reason we are removing identity user and we are using application user because it is also using your identity user class and below this code create instance we are using application users so once this is done we come back to our on post async and here we are going to make some changes so the first thing we are going to do is that okay I'm going to take the input after our email store and everything we are going to take the input as user DOT first link and this will be our input DOT first name which comes from the front end and similarly we use for last name sorry and similarly we use for the last name so once the value is done what happens if the record is saved as I mentioned first it will save all the records once it is saved successfully here once it is succeeded we are going to use right over here we are going to assign the rows selected by the user to this particular user so we say await user manager dot add to rows essay you will say user which holds all laser information and then input dot rule the one we selected from the front end that's it this is the code so once these two courses is written see our records should be successfully added along with the role mapping let's go and see things in action so I'm going to create two new rules one belonging to the sales team and second belonging to the admin team so let's go ahead and click on register here you can see so I'm going to add the name Robin effect and this is our email this is Robin and there is yahoo.com and admin as per the standard on password Here I am using admin e Capital One Two Three at the rate adminated admin one two three and three here Robin is from the sales I'm going to select sales and click on register yes we have successfully added let us go to the database and see what has actually happened first let us go and select the results table here you can see Robin is added and here to scroll right to the extreme corner you can see Robin and Peck so this name is added now if you go to the rules you already add all the rows we add sales and admin but if you go to rules and user now you'll see the mapping is already established so you see this is user user ID that is Robin and this is the sales rules let's go ahead and also add one more is it let's call him Alex Bob and Alex yahoo.com and click on register great so now we have two users now we have created rows which is right over here so Alex is a admin rule so let's go ahead and login so now so now what is this let me let me just yes sorry so Alex has logged in and you can see there are two rows now we have something called sales where we have restricted only uh restricted we have not done any restriction asset we are just make sure that anybody logging in should log in then only but we have not added any row level access to the sales module now since we have the rules module we have the user app selecting the rows and then we have the rows and the user mapping let's go ahead and make the changes in the sales model and show you the process of authorization let's close all these things and let's go ahead in the controller go to the leads at the sales module here we have added something called authorize so what does this do it makes sure that you log in then only you'll get access to this module but now we need to make to make we need to make some changes so that we understand how the authorization Works between the admin and the sales rules in order to add the rows generally what we do is that we say authorize that in this box and then you say rules and then you say admin so what does this do one minute it's it's not the Box this bracket so this is how you say rows and you say admin what does this code do so what will happen is when I have defined the rules called admin and the sales now I am telling this module that only admin should have access or sales should have access to this model so let me show you demo so I'm going to just run this and I will login as Alex and see whether I am able to access the sales model let me do one more thing I'll just sorry in the admin module in the rules model approach model let me authorize this for Alex right say rules and I say admin so I have given one access to lead to sales and next model to the admin and I'm going to login as Alex fine so now let me click on so if I if I don't log in and try to log in it will not work if I collect the title click on sales if not go to redirect so I click on login and add login as Alex so now you can see I did not log in let me just see the password was wrong I guess yes so now Alex is logged in if you click on Roll Alex as arrived so it should load yes but what happens when you click on sales so the moment I click on sales it says access right so so we have successfully implemented authorization but I want to take this further now what if what if let me let me check how the sales work so let's let's login as so Robin is basically sales let's go and validate so it's time to click on sales model yes it is loading but if you click on rules it will not load fine it is working but what if I want the scenario where I want to give access to both the rules admin as well as save to the sales module but I want to restrict certain action for example I want to give the sales model axis to sales team as well as admin team however only admin team will have access to delete the record how do I do that so let's go ahead and do that I'll show you how to do that so in order to do that let's go ahead and include in the authorized session let's go ahead and just add sales so these are the two roles so these two rows will have access to our index so in the in index that means that both will be able to access the record they both will be able to create records so let me go ahead and so okay now here also both will be able to create the records so sorry this is this is not the modulation so this is role models so this this will be always roles will be always handled we'll go to a lead model here we are going to remove this from here and we are going to say index it will be all good so this will be says if you copy this we use the same thing for details what will be able to see the details both will be able to create the sales and both will be able to edit we are copying it but then when it comes to delete we are going to make sure that only the admin has right speed so this is how you can actually implement now let us go ahead and run this application and see what exactly how this behavior of this authorization Works in our sales module so the project is loaded I log in as say s like okay I logged it so obviously you not have access to the rules because that's an admin access let me click on says yes is able to see the sales model is also able to create a sales module let me add some record okay let me just check yes is able to add a record problem is able to record is he able to edit it let me go and say yes he's able to edit go and edit it he's able to go and check the details yes he is able to go let's see what happens when he clicks on delete so the moment you click on delete this is access denied so now here we are using both the rules to manage the series model let me go ahead and login with admin and see whether the delete is working for him so I'll go ahead and delete I'll just add login as Alex let's go to foreign let me go and check whether I am able to click the admin is able to delete it yes he is able to delete the record so we have implemented this guys and now I think so and I'm sure you this is this example which I showed you your variable able to understand how the authorization works it took a lengthy process to explain this but this was a very detailed step-by-step process why this efforts was taken is that there are a lot of videos on the internet on authentication as well as authorization which is very confusing I can assure you if you watch both of my videos thoroughly you should be able to implement the entire user management using our identity service provided by dotnet framework without and this saves a lot of your time in designing the table managing the user's password managing the encryption and everything everything is provided by dotnet the identity framework and I recommend everybody to implement this in this video we showed how do you extend and customize that framework and finally we showed you in a very simple manner about the authorization process where we can use it in your code also before we log off make sure that I have shown you an example wherever hard coded the rules over here but you can definitely do an homework on that and this can be also managed dynamically so imagine you add a rule and if you want to give a role or revoke a role for in particular module you can do that dynamically not making any change to the code as I had done this has shown only to to clear the concept of authentication as well as authorization guys thank you so much for coming to this YouTube channel of my channel digital Tech joint and watching such videos there are lots of videos that are planned for dotnet 7.0 which is the latest framework so please stay tuned subscribe to my channel like all my videos share my Channel with your friends and colleagues so that they learn and grow thank you so much for your time take care bye

Info

Channel: Digital TechJoint

Views: 37,298

Rating: undefined out of 5

Keywords: asp.net, aspnetcore, aspmvc, asp.net identity, aspnet core identity, Introduction to Identity, Scaffold Identity, Identity source code, user interface, OAuth 2.0, ASP.NET Core. IdentityServer4, Federation Gateway, authentication, authorization, MSSQLLocalDB, mssql, migration, dotnet, dotnet6, mvc, core, visualstudio, aspnet, asp.net mvc tutorial, learn aspnet, tutorial, course, web development, coding, user management, demo, razor pages, razorpage, entity framework, CRUD, database, ModelViewController

Id: qvsWwwq2ynE

Channel Id: undefined

Length: 65min 27sec (3927 seconds)

Published: Mon Dec 19 2022