Challenge: Enforcing Role-Based Authorization
Understand how to enforce role-based authorization in an ASP.NET Core social network API. Learn to configure access for different user roles using JWT claims to protect controller endpoints while allowing necessary anonymous access.
Overview
In this challenge, you have a mock application that represents the back-end API of a social network. In its initial state, all endpoints are accessible without any authentication or authorization, which is an obvious security risk. You need to enforce authentication and authorization based on the specified requirements.
Requirements
In the playground below, you have two controller classes:
ContentController: It contains the endpoints that allow users to view and post content on the ...