Thank you all for watching and for your support. ►► If you want to master Web API development using best practices, check out our Web API book: bit.ly/3x75ZMM ►► Also, to build great full-stack apps with Blazor, check out our course: bit.ly/3Pw3Y33
Thanks for video. I have an assignment that Roles must be dynamic, means that in [Authorize(Roles = "Admin")] must not be constant, it can vary and dynamic (could be changed on runtime rather than putting hardcoded). How can I get list of roles for the user who is accessing the controller/action to check wether he/she is allowed to access or not. How can I achieve this, can you guide me or make a video on this? I would be very thankful.
Hi. For your use case, you have to use claims and policies. When you have a kind of complex authorization logic with roles, you can't do that simply using the fixed attribute values. The policies will allow you a lot of flexibility and a custom code. Even though my video: ruclips.net/video/lYvF63SvS3g/видео.html doesn't cover your specific use case, maybe it can help you to get the global picture of how you can do it.
Dear Marinko, Thanks for sharing this useful concept, the question is, is it a good practice to implement this concept inside the CodeMaze structure? Thanks in advance.
Thank you all for watching and for your support.
►► If you want to master Web API development using best practices, check out our Web API book: bit.ly/3x75ZMM
►► Also, to build great full-stack apps with Blazor, check out our course: bit.ly/3Pw3Y33
Your videos are always amazing!
Thank you so much! Glad you like the videos.
Thanks for video.
I have an assignment that Roles must be dynamic, means that in [Authorize(Roles = "Admin")] must not be constant, it can vary and dynamic (could be changed on runtime rather than putting hardcoded).
How can I get list of roles for the user who is accessing the controller/action to check wether he/she is allowed to access or not.
How can I achieve this, can you guide me or make a video on this?
I would be very thankful.
Hi. For your use case, you have to use claims and policies. When you have a kind of complex authorization logic with roles, you can't do that simply using the fixed attribute values. The policies will allow you a lot of flexibility and a custom code. Even though my video: ruclips.net/video/lYvF63SvS3g/видео.html doesn't cover your specific use case, maybe it can help you to get the global picture of how you can do it.
Thanks, just what I needed!
I'm glad the video was helpful. Thanks for watching.
Dear Marinko,
Thanks for sharing this useful concept, the question is, is it a good practice to implement this concept inside the CodeMaze structure?
Thanks in advance.
Hi. Yes, it is. If you need a custom authorization logic for any .NET project, you can use this solution.
do you have github link for this example ?
Hi. I don't have a Github link but the source code is part of the Patreon support program with other benefits.