First of all, great video. Got a quick question, at 16:58, you replaced the previous policy "AdminAndPowerUser" with the new one "EmployeeWithMoreThan20Years". What if I want to keep the previous one as well, so a user who is an Admin but has worked less than 20 years can still have the access? Could you please help to explain how to implement that? Thanks very much.
@Chenru Yan, I am not 100% sure, I will have to try it out, but the easiest solution I can think of is creating a new policy to cover all the scenarios.
@@DotNetCoreCentral Thanks for your reply. For the new policy, does that mean a new handler will be created to check if the user belongs to Admin or PowerUser or has worked more than 20 years? That feels like repeating what already have been done in the other two policies. Just curious is possible in the Startup.cs file, do something such as options.AddPolicy("Combined", policy => policy.Add("AdminAndPowerUser", "EmployeeWithMoreThan20Years")); I am quite new to ASP.NET, please bear with all my naive questions.
@@yanchenru This post in stack overflow should help you with your requirement: stackoverflow.com/questions/35609632/asp-net-5-authorize-against-two-or-more-policies-or-combined-policy
good vide , but i have question , what if my Roles are created on the running of the Application , it should not be hard coded here specially when you are using RequireRole function
@Osama ALSHABANi, thanks for watching! For your question, roles are usually decided as part of the requirement gathering process, not so much as a part of runtime code. But if you have a scenario where roles are created dynamically, in that case, you cannot use it this way for sure.
Thank you very much. Can you also make a video on how to change the user claim after the user is logged in. Need a flexibility to refresh the claims of the user without asking him to log out and login again.
@yoges waran, thanks for watching the video! If I understand your requirement correctly, what you are looking for is the refresh token implementation. I have done a video on the same here: th-cam.com/video/7JP7V59X1sk/w-d-xo.html Please take a look and let me know if this serves your purpose.
My friend it's authorization not authentication. You can authenticate yourself with bearer token, cookie etc. - just to tell who you are. You can authorize yourself with policies or roles - check if you're allowed to do something.
my friend, you saved my life with a current project. You're amazing
Glad I could help!
can you kindly tell me how to write authorization handler to keep user with same role i.e. user from editing or deleting each others records
First of all, great video.
Got a quick question, at 16:58, you replaced the previous policy "AdminAndPowerUser" with the new one "EmployeeWithMoreThan20Years".
What if I want to keep the previous one as well, so a user who is an Admin but has worked less than 20 years can still have the access?
Could you please help to explain how to implement that? Thanks very much.
@Chenru Yan, I am not 100% sure, I will have to try it out, but the easiest solution I can think of is creating a new policy to cover all the scenarios.
@@DotNetCoreCentral Thanks for your reply. For the new policy, does that mean a new handler will be created to check if the user belongs to Admin or PowerUser or has worked more than 20 years? That feels like repeating what already have been done in the other two policies. Just curious is possible in the Startup.cs file, do something such as
options.AddPolicy("Combined", policy => policy.Add("AdminAndPowerUser", "EmployeeWithMoreThan20Years"));
I am quite new to ASP.NET, please bear with all my naive questions.
@@yanchenru This post in stack overflow should help you with your requirement: stackoverflow.com/questions/35609632/asp-net-5-authorize-against-two-or-more-policies-or-combined-policy
@@DotNetCoreCentral Thank you for the information, it is very helpful.
@@yanchenru you are welcome!
good vide , but i have question , what if my Roles are created on the running of the Application , it should not be hard coded here specially when you are using RequireRole function
@Osama ALSHABANi, thanks for watching!
For your question, roles are usually decided as part of the requirement gathering process, not so much as a part of runtime code.
But if you have a scenario where roles are created dynamically, in that case, you cannot use it this way for sure.
Excellent explanation. Thank you very much.
Thanks
great works! Keep it up.
Muhammad Eakub thank you!
Very good tutorial on the subject. Thanks very much
@@johnnguyen1655 Thanks!
Excellent lesson, thank you very much.
@Nick Fletcher, thanks for watching!
Great video, thanks!
Glad you liked it!
how can we fetch roles from db and use in handler
@saveen gs, it should be just like any other place where you access the database. You do it from the middleware for authentication.
@@DotNetCoreCentral thankq
Great content! thank you!
great vid. but unrelated question, what 's the name of the extension that you're using to get when the code was committed last and by whom?
It comes by default in visual studio pro and enterprise, it's called git blame
@@KunalMukherjee3701 aha that's why I don't have it, I use community. Thanks for the reply!
thanks for sharing, great video!!
@Elio Scipioni, thanks for watching!
Thank you very much. Can you also make a video on how to change the user claim after the user is logged in. Need a flexibility to refresh the claims of the user without asking him to log out and login again.
@yoges waran, thanks for watching the video!
If I understand your requirement correctly, what you are looking for is the refresh token implementation. I have done a video on the same here: th-cam.com/video/7JP7V59X1sk/w-d-xo.html
Please take a look and let me know if this serves your purpose.
Suggestion: Video for when to use Transient, Scoped and Singleton would be really helpful. (on you realworld project experience :) )
@Saurabh Chauhan, thanks for watching, and thanks for the suggestion!
very helpful
@Nguyễn Văn Trình, thanks for watching!
Really tnx
@Giampaolo TUCCI, thanks for watching!
Thank you!
@Karen D, thanks for watching!
@@DotNetCoreCentral It was very straight forward and to the point, answered exactly what I was looking for!
@@karenj5880 glad this video could help!
My friend it's authorization not authentication.
You can authenticate yourself with bearer token, cookie etc. - just to tell who you are.
You can authorize yourself with policies or roles - check if you're allowed to do something.