Jake_2

Reputation: 78

Roles added to the user give false in IsInRole

I am trying to use [Authorize(Roles = "Administrator")], but I always get "Access denied".

To test whether I added the roles correctly, I added the following code in my controller:

            var test = User.IsInRole("Administrator");
            var user = await userManager.GetUserAsync(User);
            var roles = await userManager.GetRolesAsync(user);
            rolesOfUser = roles.ToList();


Have I added the role wrong?

Why does IsInRole always return false? Is it suggesting that the user is not signed in or has not completed the whole authentication process? If that is the case, how do I do that?

Seeding data:

public async Task SeedAsync()
{
    context.Database.EnsureCreated();

    // Create the role once; later runs find it and skip this step.
    if (!await roleManager.RoleExistsAsync("Administrator"))
    {
        await roleManager.CreateAsync(new IdentityRole("Administrator"));
    }

    var user = await userManager.FindByEmailAsync("Jakob.Madsen@********.com");
    if (user == null)
    {
        user = new IdentityUser()
        {
            UserName = "Jakob.Madsen@*********.com",
            PhoneNumber = "*********",
            Email = "Jakob.Madsen@*********.com",
        };
        var result = await userManager.CreateAsync(user, "*********");
        if (result.Succeeded)
        {
            // Await instead of .Wait() so the async method never blocks a thread.
            await userManager.AddToRoleAsync(user, "Administrator");
        }
        else
        {
            throw new InvalidOperationException("Could not create Administrator");
        }
    }

    // Covers a user that already existed but was never given the role.
    var resultRoles = await userManager.GetRolesAsync(user);
    if (!resultRoles.Contains("Administrator"))
    {
        await userManager.AddToRoleAsync(user, "Administrator");
    }
}

Update: I followed this: ASP .Net Core Identity Role Claims not adding to User, as suggested, and it now works.

Upvotes: 0

Views: 157

Answers (1)

Nan Yu

Reputation: 27578

The IsInRole method and [Authorize(Roles="Administrator")] attribute check whether an identity that this claims principal possesses contains a claim of type ClaimsIdentity.RoleClaimType (http://schemas.microsoft.com/ws/2008/06/identity/claims/role) where the value of the claim is equal to the value specified by the role parameter.

So to summarize, if you call IsInRole, by default the assumption is that your claims representing roles have the type mentioned above – otherwise the role check will not succeed. You can confirm that by listing the claims:

var claims = User.Claims.ToList();

You haven't provided how you seed the roles, but you can find a lot of code samples:

ASP.NET Core 2.0: Getting Started With Identity And Role Management

.NET Core 2.1 Use Role Management

Also, don't forget to log out and log in again to see the desired behavior.

Upvotes: 2
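
The claim-type check described in the answer above, as an added example that is not part of the original question or answer: a console program using only System.Security.Claims. The user name, the "DemoAuth" authentication type and the short "role" claim type are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Claims;

static class RoleClaimDemo
{
    // Builds a principal the way an authentication handler does at sign-in.
    // roleType tells the identity which claim type IsInRole should look at.
    static ClaimsPrincipal Build(IEnumerable<Claim> claims,
        string roleType = ClaimsIdentity.DefaultRoleClaimType)
    {
        var identity = new ClaimsIdentity(claims, "DemoAuth", ClaimTypes.Name, roleType);
        return new ClaimsPrincipal(identity);
    }

    // Prints the role check result next to the claims it was evaluated against.
    static void Report(string label, ClaimsPrincipal user)
    {
        Console.WriteLine($"{label}: IsInRole = {user.IsInRole("Administrator")}");
        foreach (var c in user.Claims)
            Console.WriteLine($"    {c.Type} = {c.Value}");
    }

    static void Main()
    {
        var name = new Claim(ClaimTypes.Name, "admin@example.test"); // constructed user

        // Role claim under the default type: it matches RoleClaimType.
        Report("default role claim type",
            Build(new[] { name, new Claim(ClaimTypes.Role, "Administrator") }));

        // Same role value under a different claim type: the default check misses it.
        Report("custom type, default RoleClaimType",
            Build(new[] { name, new Claim("role", "Administrator") }));

        // Identity told to treat "role" as its role claim type.
        Report("custom type, matching RoleClaimType",
            Build(new[] { name, new Claim("role", "Administrator") }, roleType: "role"));

        // Principal issued before the role was assigned carries no role claim,
        // so the check fails until a new sign-in rebuilds the claims.
        Report("sign-in that predates the role", Build(new[] { name }));
    }
}
```

Comparing the printed claim types with the identity's RoleClaimType shows which of these cases applies when `User.Claims` is listed in a controller.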
