Reputation: 604
Using role-based authentication in ASP.NET Core is ok with using Ajax?
I am using ASP.NET Core MVC. In my project I use Ajax in order to get some JSON data from an action on my controller. It requests data from the database, then return it as json. It works well.
I want to use role-based authentication in my ASP.NET Core MVC project.
This is my question: if I use a controller action restriction by something like [Authorize(Roles = "Admin")], will it allow anyone whose role is "Admin" to call this method? (I mean will it work without any other trouble just by logging in as Admin)
And will it disable accessing those data when the role is not "Admin"`?
I have not still add Identification to my new project and I'm new to using Ajax.
Upvotes: 0
Views: 141
Answers (1)
Reputation: 604
I have just tested it and it does as desired. It return 401 Unauthorized status code when the user is not authorized and 200 OK success status response code. Thanks guys for your responses.
Upvotes: 1
Related Questions
- Login using AJAX and ASP.NET Core
- Role based authorization with IdentityServer4
- Role-based authorization with ASP.NET Core 5.0
- Asp.net core mvc role-based authorization with Azure AD
- Handle Authentication in ajax call from MVC client to resource api in Identity server 4
- Is it safe to use .RequireRole() without .RequireAuthenticatedUser() in ASP.NET Core authorization policies?
- Should i use Role based Authentification?
- Microsoft.AspNetCore.Identity authorization or authentification with razor pages
- Role-Based Authentication with aspnet identity in ASP.NET MVC 4
- asp.net forms authentication Global.asax and ajax calls