Introduction
The first part of this series explained how to create an identity in a simple way. This article explains how to create an identity with “Roles” in a simple way, using ASP.NET MVC. Before reading this article, please read the first part. The link to the first part of the article is given below:
Definition
Role-based identity is a secure way of authenticating users with roles in Web Applications. It is used to identify authorized users by their roles.
Background
An identity is one of the secure ways to access our Applications, but an identity alone does not provide full security. Instead of an identity alone, we use an identity with roles. Roles are more secure, because they restrict a user from accessing the controls of the Application. A role denotes the access permissions given to users. For example, if you are an admin of the Web Application, you can make any modification in the Application, but if you are a user, you cannot make any modification, as your access might be restricted.
Steps for Creating Identity with Roles
Step 1: Follow the first part of this article’s steps, before creating an identity with the roles.
Step 2: Go to Solution Explorer, expand the App_Data folder and double-click the “aspnet-NewIdentity-20160726112300.mdf” file. Now, you can see all the tables that were created by the default identity.
Step 3: We want to store all the roles used by the Application in the AspNetRoles table. Right-click the “AspNetRoles” table and click New Query.
Step 4: A new query window opens after clicking the New Query option. We can write any SQL query in this window and run it, as in the screenshots given below:
Step 5: Insert the roles into the “AspNetRoles” table, using a SQL query. The screenshots given below explain how to insert the roles into the specified table.
Step 6: We now need to map role IDs to user IDs. We already saved the user details in the “AspNetUsers” table. Using the “AspNetUserRoles” table, we can map the users and the roles. We map the “UserId” field from the “AspNetUsers” table and the “RoleId” field from the “AspNetRoles” table into the “AspNetUserRoles” table.
Step 7: We can map many roles to the users, using the previous step. These roles and users work with the help of the OWIN middleware.
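Steps 5 and 6 written out as T-SQL for the New Query window, as an added example (not the article's original screenshots or code). It assumes the default ASP.NET Identity 2 tables (AspNetRoles with Id and Name, AspNetUsers with Id and Email); the e-mail address is a constructed placeholder.

```sql
-- Added example: assumes the default ASP.NET Identity 2 schema.
-- The role name must be spelled exactly as in [Authorize(Roles = "Admin")].
DECLARE @RoleName  nvarchar(256) = N'Admin';
DECLARE @UserEmail nvarchar(256) = N'admin@example.test';  -- constructed placeholder

BEGIN TRANSACTION;

-- Step 5: create the role only if it does not exist yet (safe to re-run).
IF NOT EXISTS (SELECT 1 FROM dbo.AspNetRoles WHERE Name = @RoleName)
    INSERT INTO dbo.AspNetRoles (Id, Name)
    VALUES (CONVERT(nvarchar(128), NEWID()), @RoleName);

-- Step 6: look up both keys instead of pasting IDs by hand.
DECLARE @RoleId nvarchar(128) =
    (SELECT Id FROM dbo.AspNetRoles WHERE Name = @RoleName);
DECLARE @UserId nvarchar(128) =
    (SELECT Id FROM dbo.AspNetUsers WHERE Email = @UserEmail);

-- Stop without changing anything if the user does not exist.
IF @UserId IS NULL
BEGIN
    ROLLBACK TRANSACTION;
    RAISERROR(N'No user with that e-mail; nothing was changed.', 16, 1);
    RETURN;
END

-- Map the user to the role once; a second run adds no duplicate row.
IF NOT EXISTS (SELECT 1 FROM dbo.AspNetUserRoles
               WHERE UserId = @UserId AND RoleId = @RoleId)
    INSERT INTO dbo.AspNetUserRoles (UserId, RoleId)
    VALUES (@UserId, @RoleId);

COMMIT TRANSACTION;

-- Check: list every user/role mapping to confirm who holds which role.
SELECT u.UserName, u.Email, r.Name AS RoleName
FROM dbo.AspNetUserRoles AS ur
JOIN dbo.AspNetUsers AS u ON u.Id = ur.UserId
JOIN dbo.AspNetRoles AS r ON r.Id = ur.RoleId
ORDER BY r.Name, u.UserName;
```

The final SELECT is also a quick way to review admin membership later, since any row in AspNetUserRoles for the Admin role grants access to every action marked with that role.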
I assigned my user ID to the admin role. Now, we use the role in the code. Based on the role, we can control access in our Application. We need to write the code given below:
Coding For Roles
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Web;
    using System.Web.Mvc;

    namespace NewIdentity.Controllers
    {
        // Every action in this controller requires a signed-in user.
        [Authorize]
        public class TestController : Controller
        {
            // Only signed-in users in the "Admin" role can call this action.
            [Authorize(Roles = "Admin")]
            public ActionResult Identity()
            {
                return Content("We are using Identity");
            }

            // No role restriction here; the controller-level [Authorize] still applies.
            public ActionResult NonIdentiy()
            {
                return Content("We are not using Identity");
            }
        }
    }
Explanation
Here, we assign the admin role to the “Identity” action method, so users without that role cannot access it. This is the meaning of “[Authorize(Roles="Admin")]”.
If we run the Application and open the http://localhost:51868/Test/Identity URL, it redirects to the login page, because the action requires an identity with the admin role.
Finally, enter the credentials to reach the specified page. We assigned the “admin” role to the [email protected] user and also assigned the admin role to the “Identity” action method.
If we try the same URL as a different user, we cannot enter it, because we have not assigned the admin role to any other user.
We try to log in using [email protected]. The login succeeds, but the user is not taken to the specified page. The login page is shown again because of the roles. We can see this in the screenshot given below:
We can assign roles at the controller level as well as at the action method level. We can assign a role at the controller level in the following way:
Roles in Controller Level
    namespace NewIdentity.Controllers
    {
        // The role requirement now applies to every action in the controller.
        [Authorize(Roles = "Admin")]
        public class TestController : Controller
        {
            public ActionResult Identity()
            {
                return Content("We are using Identity");
            }

            public ActionResult NonIdentiy()
            {
                return Content("We are not using Identity");
            }
        }
    }
We assign the “Admin” role to the “Test” controller. Thus, only users who have the admin role can access the “Test” controller. Users with other roles cannot access it.
Conclusion
This article and the previous article in this series are about identity and roles. They help those who are new to identity and roles in ASP.NET MVC. The next part explains how to create a custom identity and roles in ASP.NET MVC.