```csharp
// Package: System.IdentityModel.Tokens.Jwt
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

JwtSecurityToken token = new JwtSecurityToken(
    issuer: "saar",
    audience: "saar-audience",
    claims: new[] {
        new Claim(ClaimTypes.Role, "Admin"), // Usually getting roles from database for the current user
        new Claim(ClaimTypes.Role, "User")   // Now, the second role for user.
    },
    expires: DateTime.UtcNow.AddMinutes(5),
    signingCredentials: new SigningCredentials(
        key: new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Secret)),
        algorithm: SecurityAlgorithms.HmacSha256
    ));
```
Authorization
To allow either role to access the resource:
```csharp
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

public class ProtectedResourceController : ControllerBase
{
    [Route("protectedInfo")]
    [HttpGet]
    // Allows either User or Admin access.
    [Authorize(Roles = "User, Admin")]
    public IActionResult Get()
    {
        return Ok("You can see this message means you are a valid user.");
    }
}
```
To require both roles to access the resource:
```csharp
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

public class ProtectedResourceController : ControllerBase
{
    [Route("protectedInfo")]
    [HttpGet]
    // Only accepts claims having both Admin and User
    [Authorize(Roles = "Admin")]
    [Authorize(Roles = "User")]
    public IActionResult Get()
    {
        return Ok("You can see this message means you are a valid user.");
    }
}
```
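The round trip behind both rules, as an added console example that is not part of the original page: it issues tokens with the same issuer, audience and role claims, validates them with explicit checks, and evaluates the "either role" and "both roles" conditions with `IsInRole`. The class and helper names (`RoleCheckDemo`, `Issue`, `Validate`) and the secret value are assumptions made for the demo.

```csharp
// Added example; requires the System.IdentityModel.Tokens.Jwt NuGet package.
// RoleCheckDemo, Issue and Validate are hypothetical names, not from the original page.
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

public static class RoleCheckDemo
{
    // Constructed demo secret (32+ bytes for HMAC-SHA256); load real keys from a secret store.
    private const string Secret = "constructed-demo-secret-0123456789abcdef";

    private static string Issue(params string[] roles)
    {
        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Secret));
        var token = new JwtSecurityToken(
            issuer: "saar",
            audience: "saar-audience",
            claims: roles.Select(r => new Claim(ClaimTypes.Role, r)),
            expires: DateTime.UtcNow.AddMinutes(5),
            signingCredentials: new SigningCredentials(key, SecurityAlgorithms.HmacSha256));
        return new JwtSecurityTokenHandler().WriteToken(token);
    }

    private static ClaimsPrincipal Validate(string jwt)
    {
        var parameters = new TokenValidationParameters
        {
            ValidateIssuer = true, ValidIssuer = "saar",
            ValidateAudience = true, ValidAudience = "saar-audience",
            ValidateLifetime = true, ValidateIssuerSigningKey = true,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Secret)),
            ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 }, // pin the expected algorithm
            RoleClaimType = ClaimTypes.Role
        };
        // Throws on a bad signature, wrong issuer or audience, or an expired token.
        return new JwtSecurityTokenHandler().ValidateToken(jwt, parameters, out _);
    }

    public static void Main()
    {
        foreach (var roles in new[] { new[] { "User" }, new[] { "Admin", "User" } })
        {
            ClaimsPrincipal user = Validate(Issue(roles));
            bool either = user.IsInRole("User") || user.IsInRole("Admin"); // [Authorize(Roles = "User, Admin")]
            bool both = user.IsInRole("Admin") && user.IsInRole("User");   // two stacked [Authorize] attributes
            Console.WriteLine($"{string.Join("+", roles)}: either={either}, both={both}");
        }
    }
}
```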