Reputation: 121
I am working on a web application where a User belongs to multiple Organizations. The Role to be used is determined by what Organization the User is currently viewing the web application as. Once logged in, the User has the ability to easily switch between their different Organizations that they belong to. For some Organizations, a User may be an ADMIN while just being a MEMBER in others.
In ServiceStack, what is the best way to accomplish this? Would it make sense to leverage the Dictionary<string, string> Meta property of the Authenticate Request DTO? Or creating a custom AuthProvider that overrides the IsAuthorized method? Or a different technique?
Upvotes: 2
Views: 311
Reputation: 143284
The simplest solution would be to assign custom org1.Admin, org2.Member Roles or permissions, that way you can use ServiceStack's built-in [RequiresRole] to validate access.
The bespoke alternative is to create a Custom UserSession and add the appropriate typed metadata collections to your AuthUserSession object. Then use a custom RequestFilterAttribute to check the UserSession has the appropriate access.
Upvotes: 2
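A sketch of the bespoke alternative described in the answer above, added here as an example and not part of the original answer or of ServiceStack itself. The names OrgUserSession, OrgRoles, RequiresOrgRoleAttribute, the X-Org-Id header and the DeleteProject DTO are assumptions made for illustration; the organization id sent by the client only selects which entry to check, while the roles themselves come from the server-side session.

```csharp
using System.Collections.Generic;
using System.Net;
using ServiceStack;
using ServiceStack.Web;

// Hypothetical session type: role names per organization id, populated server-side at login.
public class OrgUserSession : AuthUserSession
{
    public Dictionary<string, List<string>> OrgRoles { get; set; }
        = new Dictionary<string, List<string>>();
}

// Hypothetical filter: requires the given role in the organization the request is made for.
public class RequiresOrgRoleAttribute : RequestFilterAttribute
{
    public const string OrgHeader = "X-Org-Id"; // assumed way of naming the current organization
    public string Role { get; }

    public RequiresOrgRoleAttribute(string role) { Role = role; }

    public override void Execute(IRequest req, IResponse res, object requestDto)
    {
        var session = req.GetSession() as OrgUserSession;
        if (session == null || !session.IsAuthenticated)
        {
            Deny(res, HttpStatusCode.Unauthorized);
            return;
        }
        // The header is client-controlled, so it is used only as a lookup key
        // into roles the server stored in the session.
        if (!IsAllowed(session.OrgRoles, req.Headers[OrgHeader], Role))
            Deny(res, HttpStatusCode.Forbidden);
    }

    // Fails closed: missing org id, unknown org or missing role all deny.
    public static bool IsAllowed(IDictionary<string, List<string>> orgRoles, string orgId, string role)
    {
        if (string.IsNullOrEmpty(orgId) || orgRoles == null) return false;
        return orgRoles.TryGetValue(orgId, out var roles) && roles != null && roles.Contains(role);
    }

    private static void Deny(IResponse res, HttpStatusCode status)
    {
        res.StatusCode = (int)status;
        res.EndRequest(); // stop the request pipeline before the service runs
    }
}

[RequiresOrgRole("Admin")]
public class DeleteProject : IReturnVoid { public int Id { get; set; } }
```

For the cast in Execute to succeed, the custom session type has to be the one registered with the AuthFeature session factory, for example `() => new OrgUserSession()`.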