Code Murals

This blog is going to explain what Role-Based Authorization is and how it can be implemented in ASP.NET Core MVC. The Authorization is a process of controlling which page the logged-in user can access. Role-Based Authorization authorizes the user based on the user's roles. Let's see how to achieve it step by step. Step 1: The first step is to make sure that the Authorization middleware is included in the Configure method of Startup.cs file . Authentication middleware checks whether the user has permission to place a request for the application. If the user has permission then it will allow creating a response. Authorization middleware should come after Authentication middleware as shown in the code below. Startup.cs public void Configure( IApplicationBuilder app, IWebHostEnvironment env) { ... ... ... app.UseAuthentication(); app.UseAuthorization(); ... ... ... } Step 2: In this step, I have created the Users class. It has thr

This blog is going to explain what Dependency Injection(DI) is and how to implement it in ASP.NET core MVC. Dependency Injection is one of the best practice in ASP.NET Core MVC. The ASP.NET core has a lot of internal components, most of which are created using Dependency Injection. It allows you to create loosely coupled applications. This requires some extra code writing, but it can be useful for applications. Let’s see step by step how to implement Dependency injection in ASPNet Core MVC Step 1: The following is a simple Movie class to store and display the result values. This Movie has three properties MovieName, ReleaseYear and Type public class Movie { public string MovieName { get ; set ; } public int ReleaseYear { get ; set ; } public string Type { get ; set ; } } Step 2: Here I have created an interface called IMovieService and its one methoGetMovieDetails(). So the class that implements the IMovieService interface needs to implement the

This blog is going to explain how to authorize the ASP.NET Core application globally. That is, it is not necessary to add the [Authorize] attribute to each controller or action method. The global authorization filter helps you to authorize the entire application. You can achieve this in a few steps. Step 1: Add the following code to the Startup.cs file in ConfigureServices mode. In the code first, the authorization policy has been created using AuthorizationPolicyBuilder() . It has several methods to create authorization policies. Here I have added the RequireAuthenticatedUser() method. It checks whether the user is authenticated or not. Similar to the [Authorize] filter. By adding this method you do not have to add the [Authorize] filter attribute to all controllers and methods. Finally, the global authorization filter is added using config.Filters.Add(new AuthorizeFilter(policy)); Startup.cs public void ConfigureServices( IServiceCollection services) { ... ...