Security

Content of this article

Overview

Authentication

Authorization

This article briefly introduces how to configure the application authentication and authorization in SnapDevelop.

Overview

The ASP.NET Core authentication and authorization are integrated in SnapDevelop.

You can enable authentication and authorization on the Security tab of the designer project property page.

For authentication, you can select to use ASP.NET Identity at this moment. The current authentication framework is Microsoft's ASP.NET Identity

For authorization, you can select to use ASP.NET Core Default Policy, or click Add to add your own policy. The current authorization configuration supports the policy-based authorization.

After you enable authentication and authorization here, all APIs will automatically use the default policy by default, and you can select to use different authorization strategy for each API in the API settings page.

image-20230601095233423

Authentication

  1. When authentication is enabled, the ICurrenUser interface and implementation are automatically created for accessing the identity information.

    image-20230613142659029

  2. The ICurrentUser interface can be selected in any expression designer except for the default value in the entity designer.

image-20230613142343160

Note: When authentication is enabled, the Authentication project will be generated with the other projects, and the identity database configuration will be added for storing the persistence data in a database, as shown in the following figure. You can view the database configuration by double-clicking the profile under the GenerationProfiles node in the Solution Explorer.

image-20230613141836437

Authorization

Contents of this section

Overview

Add Policy

Default policy

Overview

The authorization policy designer is used to configure the authorization policy of the application; it has a built-in ASP.NET Core default policy that cannot be deleted.

image-20230613143126546

Add policy

Click Add to add a policy and then click the Rename icon on the right to modify the policy name to the actual name:

image-20230613143427483

Default policy

You can select the Default column to specify a policy as the application default policy:

image-20230613143834169

Code Preview:

image-20230613143926296

At present, the authorization policy designer can only add policies and specify the default policy; complete functions will be provided in the GA version.