Custom Authorization and Policy-Based Authorization in ASP.NET Core
HTML-код
- Опубликовано: 8 фев 2025
- ►► Check out our courses: bit.ly/cdmz-co...
►► Support us on Patreon and get the source code: / codemaze
In this video, I will show you how to implement a custom authorization attribute in ASP.NET Core and how to use dependencies while creating those custom attributes. Also, you will see how to use the policy-based authorization as a recommended way to implement the custom authorization logic.
Custom Authorize Attribute
ASP.NET Core provides filters to execute user-defined code before or after an action method. One of those filters that helps in authorizing the request before the action method invokes uses the IAuthorizationFilter interface.
This interface exposes a single OnAuthorization() method that executes every time before an action method is invoked.
FOLLOW US ON SOCIAL MEDIA!
►► / marinko-spasojevic
►► / codemazeblog
►► / codemazeblog
Thank you all for watching and for your support.
►► If you want to check out all our courses you can do that here: courses.code-maze.com/courses/
Thank you for the video. It was not exactly what I was looking for, but it helped me significantly in my search to what I need :D
Hi. That's great to hear. I am sure I can't answer all the questions in a single video, but if it can help you or anyone else with their search and further learning, I am more than happy with it :)
@@CodeMaze that is exactly what you did, thank you kindly!
Thanks, just what I needed!
I'm glad the video was helpful. Thanks for watching.
Your videos are always amazing!
Thank you so much! Glad you like the videos.
Thanks for video.
I have an assignment that Roles must be dynamic, means that in [Authorize(Roles = "Admin")] must not be constant, it can vary and dynamic (could be changed on runtime rather than putting hardcoded).
How can I get list of roles for the user who is accessing the controller/action to check wether he/she is allowed to access or not.
How can I achieve this, can you guide me or make a video on this?
I would be very thankful.
Hi. For your use case, you have to use claims and policies. When you have a kind of complex authorization logic with roles, you can't do that simply using the fixed attribute values. The policies will allow you a lot of flexibility and a custom code. Even though my video: ruclips.net/video/lYvF63SvS3g/видео.html doesn't cover your specific use case, maybe it can help you to get the global picture of how you can do it.
Dear Marinko,
Thanks for sharing this useful concept, the question is, is it a good practice to implement this concept inside the CodeMaze structure?
Thanks in advance.
Hi. Yes, it is. If you need a custom authorization logic for any .NET project, you can use this solution.
do you have github link for this example ?
Hi. I don't have a Github link but the source code is part of the Patreon support program with other benefits.