0

I'm creating an app wherein authorization comes from another web app and I'm not allowed to save users data on my own database, what happens is the user will log-in on their app and they will redirect the user to my app -if they have access. The app will then pass info to my application. One of the info is the user role and I'm thinking if I can use it to customize Identity (function). Currently, I'm saving them on Session and it's just a lot of work and if else statement.

If I can do such a thing, how?

JaneTho
  • 321
  • 1
  • 2
  • 13
  • Why use Identity if you can't store ANY user info? What feature does it bring you that you want? These might also be worth a read https://auth0.com/docs/protocols/oidc https://auth0.com/docs/protocols/oauth2 https://learn.microsoft.com/en-us/aspnet/core/security/authentication/social/other-logins?view=aspnetcore-2.2 – Sean Missingham Jan 22 '19 at 03:09
  • My app has a level of access and I only store their user roles in session. I want to use the function similar to Identity and Auth (e.g [Authorize],[AllowAnonymous], and Authorize("Admin") etc.) If its not possible, maybe can I recreate/override such function on my own? I want to write much cleaner than multiple if else condition – JaneTho Jan 22 '19 at 03:28
  • Are you trying to avoid the repetition of your auth if/else code? If so, just make your own custom auth attribute: https://stackoverflow.com/questions/11493873/how-to-implement-custom-authorize-attribute-for-the-following-case – Sean Missingham Jan 30 '19 at 00:10

0 Answers0