Posts

Showing posts from March, 2021

View-Based Authorization in ASP.NET Core

Image
This blog is going to explain what is View-Based Authorization and how to implement it in ASP.NET Core. In some cases, the developer may need to show or hide the UI based on the user's identity. For example, an admin can edit data, but should not allow guest users to edit data. In this case, the developer should show the edit link when the admin user logs in and hide the edit link when the guest user logs in. This process can be achieved through View-Based Authorization . Let's look at that step by step. Step 1: In the first step, I created a Users class to get user details. Also, I added two values to test View-Based Authorization . For real use, you need to get these user details from the database. Users.cs public class Users { public string Username { get ; set ; } public string Password { get ; set ; } public string Role { get ; set ; } public DateTime DateOfBirth { get ; set ; } public IEnumerable<Users> GetUsers() {

Policy-Based Authorization in ASP.NET Core

Image
Authorization is the process of determining whether a user is allowed to access a resource. Policy-based authorization helps to verify one or more requirements to authorize the user. The policy-based authorization helps to separate the application logic and authorization logic We will see step by step how to implement policy-based authorization on ASP.NET Core MVC. In this example, the policy-based authorization is going to authorize whether the user is from the state of Florida or not. This will allow the user to access the page only when the user state is Florida Step 1: In the first step, I created a class to get user information. For demo purposes, I have added two data. But in a real application, you need to get information from the database. public class Users { public string Username { get ; set ; } public string Password { get ; set ; } public string State { get ; set ; } public IEnumerable<Users> GetUsers() { return new