Proper way to have different menus based on roles

  • Question

  • User1457412228 posted

    I have the issue that "User.IsInRole" returns false either always, or most of the time, as indicated in this article.

    https://stackoverflow.com/questions/53271496/asp-net-core-identity-2-user-isinrole-always-returns-false

    Is this link REALLY the way to get the User.IsInRole("admin") to not always return false?   It seems way too cheesy to be the right solution, but I cannot find another.

    Here is the relevant code that I have for signing up, which seems to be where the problem may be.

        services.AddDefaultIdentity<IdentityUser>()
            .AddDefaultUI(UIFramework.Bootstrap4)
            .AddRoles<IdentityRole>()
            .AddRoleManager<RoleManager<IdentityRole>>()
            .AddEntityFrameworkStores<ApplicationDbContext>();

    Tuesday, June 25, 2019 1:50 PM

Answers

  • User475983607 posted

    The most common approach is filtering menu items according to roles/claims. This can be done in a query that fetches the menu from a database or a query that fetches a cached menu. Generally IsInRole() is not involved.

    The SO post asks why roles and claims are not available in the same request as the login. The reason is there is no authentication cookie in the request. In other words, the current request, the login request, is not authenticated, which makes sense because the user is trying to log in. That's why you see a redirect which sends the authentication cookie to the browser. The redirect target is authenticated so you can place security logic there, in the target, if needed. Otherwise, you'll need to query the DB to get the user's roles since the roles do not exist in the context yet. The next request will have the user roles and claims.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, June 25, 2019 2:18 PM
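
The behaviour described in the answer above, as an added example that is not code from either poster: a Razor Pages login handler that reads the role from the Identity store during the login request instead of calling User.IsInRole. The class name, bound properties and redirect paths are assumptions.

```csharp
using System.Threading.Tasks;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;

// Hypothetical login page model; class name, properties and paths are assumptions.
public class LoginModel : PageModel
{
    private readonly SignInManager<IdentityUser> _signInManager;
    private readonly UserManager<IdentityUser> _userManager;

    public LoginModel(SignInManager<IdentityUser> signInManager,
                      UserManager<IdentityUser> userManager)
    {
        _signInManager = signInManager;
        _userManager = userManager;
    }

    [BindProperty] public string Email { get; set; }
    [BindProperty] public string Password { get; set; }

    public async Task<IActionResult> OnPostAsync()
    {
        var result = await _signInManager.PasswordSignInAsync(
            Email, Password, isPersistent: false, lockoutOnFailure: true);
        if (!result.Succeeded)
        {
            ModelState.AddModelError(string.Empty, "Invalid login attempt.");
            return Page();
        }

        // The cookie is only being issued in this response, so HttpContext.User
        // is still the anonymous principal: User.IsInRole("admin") is false here.
        // Read the role from the store instead.
        var user = await _userManager.FindByNameAsync(Email);
        bool isAdmin = user != null && await _userManager.IsInRoleAsync(user, "admin");

        // The redirect target arrives with the cookie, so User.IsInRole("admin")
        // works there. Protect that page with [Authorize(Roles = "admin")] too:
        // hiding a menu entry is not access control.
        return LocalRedirect(isAdmin ? "/Admin" : "/");
    }
}
```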

All replies

  • User1457412228 posted
    Thank you.
    Tuesday, June 25, 2019 2:32 PM