Role based Authorize Blazor Server + Client
I am stuck trying to use the @attribute [Authorize(Roles = "Admin")] in my blazor component on client side.
I started by adding
“
.AddRoles<IdentityRole>() “
in program.cs
“
public class RoleConfiguration : IEntityTypeConfiguration<IdentityRole>
{
public void Configure(EntityTypeBuilder<IdentityRole> builder)
{
builder.HasData(
new IdentityRole
{
Name = "Visitor",
NormalizedName = "VISITOR"
},
new IdentityRole
{
Name = "Admin",
NormalizedName = "ADMIN"
}
);
}
}
“
I made the above class to create the roles
Then i added a override in my ApplicationDbContext
“
protected override void OnModelCreating(ModelBuilder builder)
{
base.OnModelCreating(builder);
builder.ApplyConfiguration(new RoleConfiguration());
}
“
then i ran
“
INSERT INTO AspNetUserRoles
VALUES ('UserId','Administrator RoleId')
“
With the ids that i get from my tables,
however, the [Authorize(Roles = "Admin)]
on a page still tells me i dont have permissions to view this page. Any tips?10 Replies
<AuthorizeView Roles="Admin"> does not work either, it does not show me.
did you check to see if the token has the role?
Where can i check that?in the db you mean or check in the browser?
so you login as a user right?
and when you login you pass a token to the client side?
JWT.IO
JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.
yes as a user and the [authorize] works just not the role based one. I will check now ty
I can use the user token to see email etc not any role.
I also did a bool called isAdmin in my blazor component with @isAdmin = @context.User.IsInRole("Admin"); and it returns false
hmmm
I prob did something wrong setting it up? but i did it all at once, and basic authorize works right now just not the role based, i have the tables
setup etc, redone the project multiple times to try.
I see the roles that i migrated aswell they are in the table with ids.
My user is assigned a roleid
however i assigned it using sqlQuery.
Seems i missed some stuff i will try some editing and we will see .
http://schemas.microsoft.com/ws/2008/06/identity/claims/role
I see this link in the token in the console window of the browser now. Still no success in using the role authorization yet tho because it still says my user does not have the correct role.. Hmm
i added this to my program.cs in server:
“
builder.Services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser, ApplicationDbContext>()
.AddProfileService<ProfileService>(); // Added this line“
And i created“ ProfileService.cs“
“
public class ProfileService : IProfileService
{
private readonly UserManager<ApplicationUser> _userManager;
public ProfileService(UserManager<ApplicationUser> userManager)
{
_userManager = userManager;
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var user = await _userManager.GetUserAsync(context.Subject);
if (user != null)
{
var roles = await _userManager.GetRolesAsync(user);
var roleClaims = new List<Claim>();
foreach (var role in roles)
{
roleClaims.Add(new Claim(ClaimTypes.Role, role));
}
context.IssuedClaims.AddRange(roleClaims);
}
}
public async Task IsActiveAsync(IsActiveContext context)
{
var user = await _userManager.GetUserAsync(context.Subject);
context.IsActive = user != null;
}
}“
Hey guys
i fixed the issue by adding
to program.cs
my bad.........
Did not add claims to the token