0

I want to implement different login page for each user based in its role in asp net core . I can set login path but its static for any roles.

   services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
        .AddCookie(options =>
        {
            options.LoginPath = "Account/Login/";
            options.AccessDeniedPath = "Account/Forbidden/";
        });

so when i call action that authorize(role="Admin") redirect to admin login page. and when call action that authorize(role="User") redirect to User login page

Nkosi
  • 235,767
  • 35
  • 427
  • 472
mohammed besher
  • 368
  • 5
  • 17

2 Answers2

4

I add two different Authentication scheme in start up ConfigureServices like this

services.AddAuthentication(options =>
            {
                options.DefaultScheme = "UserAuth";
            })
            .AddCookie("UserAuth", options =>
      {
          options.LoginPath = "/Account/Login/";
          options.AccessDeniedPath = "/Account/AccessDenied/";

      })
       .AddCookie("AdminAuth", options =>
       {
           options.LoginPath = "/Admin/Account/Login/";
           options.AccessDeniedPath = "/Admin/Account/AccessDenied/";

       });

When authorize with admin role controller i choose admin scheme 

[Authorize(Roles = "Administrator", AuthenticationSchemes = "AdminAuth")]

When authorize with user role controller i choose user scheme 

 [Authorize(Roles = "User", AuthenticationSchemes = "UserAuth")]

You can review this link How do I setup multiple Authentication schemes in ASP.NET Core 2.0?

mohammed besher
  • 368
  • 5
  • 17
2

Sorry, not possible. The role of a user is not known until the user has authenticated. So you can't tell which login page to serve until they have already logged in, and they can't log in until you have served a login page, so the idea simply doesn't work.

The best you can do is offer a single login page that allows the user to select their role before signing on (e.g. with radio buttons, a dropdown list, or links that take the user to separate login pages). If you like, you can set a cookie to persist the user's selection so that they will only see the appropriate role-specific page the next time they sign on.

If you wish to redirect to a different login page based on some piece of data other than user context (e.g. if you want to redirect to different login pages depending on what URL the user was originally requesting) you can always write a custom authorize attribute and override the HandleUnauthorizedRequest method. Then you can redirect anywhere you want.

John Wu
  • 50,556
  • 8
  • 44
  • 80
  • all attributes [Authorize(Roles ="User")] and [Authorize(Roles ="User")] redirect to same login page that i used in Authentication cookie Scheme .Is that possible to change according to its role. – mohammed besher Dec 30 '17 at 08:35
  • I am not sure what you are asking but you can always write your own custom AuthorizeAttribute and redirect anywhere you want. I'll add some links to my answer. – John Wu Dec 30 '17 at 12:01