Show / Hide Table of Contents

    Security

    Content of this article

    Overview

    Authentication

    Authorization

    This article briefly introduces how to configure the application authentication and authorization in SnapDevelop.

    Overview

    The ASP.NET Core authentication and authorization are integrated in SnapDevelop.

    You can enable authentication and authorization on the Security tab of the designer project property page.

    For authentication, you can select to use ASP.NET Identity at this moment. The current authentication framework is Microsoft's ASP.NET Identity

    For authorization, you can select to use ASP.NET Core Default Policy, or click Add to add your own policy. The current authorization configuration supports the policy-based authorization.

    After you enable authentication and authorization here, all APIs will automatically use the default policy by default, and you can select to use different authorization strategy for each API in the API settings page.

    image-20230601095233423

    Authentication

    1. When authentication is enabled, the ICurrenUser interface and implementation are automatically created for accessing the identity information.

      image-20230613142659029

    2. The ICurrentUser interface can be selected in any expression designer except for the default value in the entity designer.

    image-20230613142343160

    Note: When authentication is enabled, the Authentication project will be generated with the other projects, and the identity database configuration will be added for storing the persistence data in a database, as shown in the following figure. You can view the database configuration by double-clicking the profile under the GenerationProfiles node in the Solution Explorer.

    image-20230613141836437

    Authorization

    Contents of this section

    Overview

    Add Policy

    Default policy

    Overview

    The authorization policy designer is used to configure the authorization policy of the application; it has a built-in ASP.NET Core default policy that cannot be deleted.

    image-20230613143126546

    Add policy

    Click Add to add a policy and then click the Rename icon on the right to modify the policy name to the actual name:

    image-20230613143427483

    Default policy

    You can select the Default column to specify a policy as the application default policy:

    image-20230613143834169

    Code Preview:

    image-20230613143926296

    At present, the authorization policy designer can only add policies and specify the default policy; complete functions will be provided in the GA version.

    Back to top