Last post Jun 25, 2019 02:32 PM by talldaniel
Jun 25, 2019 01:50 PM|talldaniel|LINK
I have the issue that "User.IsInRole" returns false either always, or most of the time, as indicated in this article.
Is this link REALLY the way to get the User.IsInRole("admin") to not always return false? It seems way too cheesy to be the right solution, but I cannot find another.
Here is the relevant code that I have for signing up, which seems to be where the problem may be.
Jun 25, 2019 02:18 PM|mgebhard|LINK
The most common approach is filtering menu items according to roles/claims. This can be done in a query that fetches the menu from a database or a query that fetches a cached menu. Generally IsInRoles() is not involved.
The SO post asks why roles and claims are not available in the same request as the login. The reason is there is no authentication cookie in the request. In other words, the current request, the login request, is not authenticated which makes sense because
the user is trying to login. That's why you see a redirect which sends the authentication cookie to the browser. The redirect target is authenticated so you can place security logic there, in the target, if needed. Otherwise, you'll need to query the
DB to get the user's roles since the roles do not exist in the context yet. The next request will have the user roles and claims.
Jun 25, 2019 02:32 PM|talldaniel|LINK