Last post Nov 07, 2020 11:59 AM by mgebhard
Nov 07, 2020 06:44 AM|saulius
I am creating an ASP.NET Core 3 Blazor WASM app for my work. App users are stored in Azure AD. User roles and claims are stored in the database on an on-premise MSSQL server. I use Azure AD authentication, then I need to retrieve user roles and claims. I created a middleware which queries the database for roles and claims on each request, and I put this middleware right after UseAuthentication().
I would like to stop abusing the database server with each request. I'd like the app to query the database for roles and claims only once, then store this data on the client as a JWT or cookie. With each request, after Azure AD authentication, it would check whether the user has the particular roles and claims. If he has, then use them for authorization. If he doesn't, then query the database. In case of a positive query result, store the roles and the claims on the client. In case of a negative query result, refuse to authorize.
Is this possible? Maybe some hints? Or is it a wrong idea that must be done somehow quite differently? I'm very fresh on ASP.NET Core; the Identity library and the authentication and authorization stuff seem to be so broad, deep and complicated that whenever I try to find the answer in microsoft.docs I quickly lose the path.
Nov 07, 2020 11:59 AM|mgebhard
If you are using the standard libraries then the roles are cached in an auth cookie. See the official docs;
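
An added example, not part of either post above: one way to avoid the per-request database query is to keep the lookup on the server behind a short-lived cache, so the roles never sit on the client where they would need tamper protection. `IUserRoleStore`, the cache key, the 10-minute lifetime and the use of the Azure AD object-id claim as the user key are assumptions made for this sketch.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.Caching.Memory;

// Hypothetical abstraction over the on-premise MSSQL query for a user's roles and claims.
public interface IUserRoleStore
{
    Task<IReadOnlyList<Claim>> GetClaimsAsync(string objectId);
}

// Register in ConfigureServices:
//   services.AddMemoryCache();
//   services.AddScoped<IClaimsTransformation, CachedRoleClaimsTransformation>();
public sealed class CachedRoleClaimsTransformation : IClaimsTransformation
{
    private const string Source = "database-roles";
    private const string ObjectIdClaim = "http://schemas.microsoft.com/identity/claims/objectidentifier";
    // Assumed value. A revoked role stays usable until the entry expires, so keep it short.
    private static readonly TimeSpan Lifetime = TimeSpan.FromMinutes(10);

    private readonly IMemoryCache _cache;
    private readonly IUserRoleStore _store;

    public CachedRoleClaimsTransformation(IMemoryCache cache, IUserRoleStore store)
        => (_cache, _store) = (cache, store);

    public async Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
    {
        // The framework may call this more than once per request; never add the roles twice.
        if (principal.Identity?.IsAuthenticated != true) return principal;
        if (principal.Identities.Any(i => i.AuthenticationType == Source)) return principal;

        // Key the cache on the validated token's object id, never on client-supplied input.
        var oid = principal.FindFirst(ObjectIdClaim)?.Value ?? principal.FindFirst("oid")?.Value;
        if (string.IsNullOrEmpty(oid)) return principal;

        // The database is queried only on a cache miss; an empty result is cached as well.
        var claims = await _cache.GetOrCreateAsync("roles:" + oid, entry =>
        {
            entry.AbsoluteExpirationRelativeToNow = Lifetime;
            return _store.GetClaimsAsync(oid);
        });

        var clone = principal.Clone();
        clone.AddIdentity(new ClaimsIdentity(claims, Source, ClaimTypes.Name, ClaimTypes.Role));
        return clone;
    }
}
```

A user with no rows in the database gets no role claims, so `[Authorize(Roles = "...")]` and role-based policies reject the request without any extra middleware.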