[Fixes #1583] Add authorization to the default Identity UI

dotnet · Jan 21, 2018 · 5079f70 · 5079f70
1 parent d968fdd
commit 5079f70
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 4 deletions.
diff --git a/samples/IdentitySample.Mvc/Properties/launchSettings.json b/samples/IdentitySample.Mvc/Properties/launchSettings.json
@@ -3,7 +3,7 @@
     "windowsAuthentication": false,
     "anonymousAuthentication": true,
     "iisExpress": {
-      "applicationUrl": "http://localhost:28248/",
+      "applicationUrl": "http://localhost:51567/",
       "sslPort": 0
     }
   },

diff --git a/src/UI/IdentityDefaultUIConfigureOptions.cs b/src/UI/IdentityDefaultUIConfigureOptions.cs
@@ -7,6 +7,7 @@
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using Microsoft.AspNetCore.StaticFiles;
+using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.FileProviders;
 using Microsoft.Extensions.Options;
 
@@ -17,6 +18,8 @@ internal class IdentityDefaultUIConfigureOptions :
         IPostConfigureOptions<StaticFileOptions>,
         IPostConfigureOptions<CookieAuthenticationOptions>
     {
+        private const string IdentityUIDefaultAreaName = "Identity";
+
         public IdentityDefaultUIConfigureOptions(IHostingEnvironment environment)
         {
             Environment = environment;
@@ -30,6 +33,8 @@ public void PostConfigure(string name, RazorPagesOptions options)
             options = options ?? throw new ArgumentNullException(nameof(options));
 
             options.AllowAreas = true;
+            options.Conventions.AuthorizeAreaFolder(IdentityUIDefaultAreaName, "/Account/Manage");
+            options.Conventions.AuthorizeAreaPage(IdentityUIDefaultAreaName, "/Account/Logout");
         }
 
         public void PostConfigure(string name, StaticFileOptions options)
@@ -58,9 +63,9 @@ public void PostConfigure(string name, CookieAuthenticationOptions options)
 
             if (string.Equals(IdentityConstants.ApplicationScheme, name, StringComparison.Ordinal))
             {
-                options.LoginPath = "/Identity/Account/Login";
-                options.LogoutPath = "/Identity/Account/Logout";
-                options.AccessDeniedPath = "/Identity/Account/AccessDenied";
+                options.LoginPath = $"/{IdentityUIDefaultAreaName}/Account/Login";
+                options.LogoutPath = $"/{IdentityUIDefaultAreaName}/Account/Logout";
+                options.AccessDeniedPath = $"/{IdentityUIDefaultAreaName}/Account/AccessDenied";
             }
         }
     }