Role Based Access Control (RBAC) using ASP.NET Core Web API

yeasin90/aspnetcore-jwt-rbac

Role Based Access Control (RBAC) using JWT and ASP.NET Core Web API

A learning project that implements RBAC using JWT tokens and ASP.NET Core Web API.

Features:

  • JWT token configuration and generator
  • Role-based authorization
  • Custom policy-based authorization
  • Per-environment Docker support (test, stage, prod and dev)

How to test:

Running the Web API from Docker:
  • Clone the repo.
  • Open a command prompt (CMD, PowerShell) in the clone directory and navigate to: src\jwt-authentication-server\JwtAuthenticationServer
  • Run the docker command below:

    docker-compose -f docker-compose.<env>.yml up

Here, env = dev, test, stage or prod.

Test RBAC API:
  1. From Postman, create a POST request with the body parameters below:

    {
    "username":"manager",
    "password":"manager"
    }

  2. Hit the URL: http://localhost:5000/api/auth/login. You will receive a JWT token in the response.
  3. Create a new GET request. Set the Authorization type to Bearer Token and supply that token. Call either of these endpoints:

    http://localhost:5000/api/inventory/salaries
    http://localhost:5000/api/inventory/stock

     Since your role is Manager, you will receive data.
  4. Repeat Step#1 with the body below:

    {
    "username":"sales",
    "password":"sales"
    }

  5. Repeat Step#3. There will be a 401 (Unauthorized) response for http://localhost:5000/api/inventory/salaries
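
The role checks exercised by the steps above can be wired as in the following added sketch, which is not code from this repository: a login endpoint puts the user's role into a signed, short-lived JWT, and named authorization policies gate each inventory endpoint. It assumes a .NET 6+ web project with the Microsoft.AspNetCore.Authentication.JwtBearer package; the issuer, audience, policy names, the JWT_SIGNING_KEY environment variable and the rule that stock is open to both roles are assumptions.

```csharp
// Added illustration (not the repository's code). Assumes a .NET 6+ web project with the
// Microsoft.AspNetCore.Authentication.JwtBearer package. Issuer, audience, policy names,
// the JWT_SIGNING_KEY variable and the stock rule (both roles) are assumptions.
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;

const string Issuer = "rbac-demo", Audience = "rbac-demo-clients";
var secret = Environment.GetEnvironmentVariable("JWT_SIGNING_KEY") ?? "";
if (Encoding.UTF8.GetByteCount(secret) < 32)
    throw new InvalidOperationException("JWT_SIGNING_KEY must be at least 32 bytes for HS256.");
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(o => o.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true, ValidIssuer = Issuer,
        ValidateAudience = true, ValidAudience = Audience,
        ValidateLifetime = true, ClockSkew = TimeSpan.FromSeconds(30),
        ValidateIssuerSigningKey = true, IssuerSigningKey = key
    });
builder.Services.AddAuthorization(o =>
{
    o.AddPolicy("SalaryAccess", p => p.RequireRole("Manager"));          // manager only
    o.AddPolicy("StockAccess", p => p.RequireRole("Manager", "Sales")); // either role
});
var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();

// Constructed demo accounts mirroring the README; a real service checks salted password hashes.
var users = new Dictionary<string, (string Password, string Role)>
    { ["manager"] = ("manager", "Manager"), ["sales"] = ("sales", "Sales") };

app.MapPost("/api/auth/login", (LoginRequest req) =>
{
    if (!users.TryGetValue(req.Username ?? "", out var u) || u.Password != req.Password)
        return Results.Unauthorized();
    var claims = new[] { new Claim(ClaimTypes.Name, req.Username!), new Claim(ClaimTypes.Role, u.Role) };
    var jwt = new JwtSecurityToken(Issuer, Audience, claims, expires: DateTime.UtcNow.AddMinutes(15),
        signingCredentials: new SigningCredentials(key, SecurityAlgorithms.HmacSha256));
    return Results.Ok(new { token = new JwtSecurityTokenHandler().WriteToken(jwt) });
});
app.MapGet("/api/inventory/salaries", () => new[] { "salary rows" }).RequireAuthorization("SalaryAccess");
app.MapGet("/api/inventory/stock", () => new[] { "stock rows" }).RequireAuthorization("StockAccess");
app.Run();

record LoginRequest(string? Username, string? Password);
```

The role travels inside the token, so a role change only takes effect once the user's current token expires and a new one is issued; the 15-minute lifetime here bounds that window.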
