Good afternoon,
I am using ASP Net Core Identity, MSSQL database & C#, if that is at all relevant to my issue, I am trying to achieve the following:
Ideally, if an Administrator changes a user's role, that user should either refresh so that the application can reassess his access, or the application should dynamically log the user out.
For my application it is very important that if a role is deleted for a user he loses immediate access to anything he needed the role to see, I'm not too bothered if they need to logout and login to gain access to something new.
I spent a good while searching for the best way to achieve this, but came up short unfortunately - I have read that we shouldn't mess with cookies or requests from within Blazor, so not too sure if that would be the way to go.
Should I be using something other than roles for this? I could create a list of users in my DB that should be logged out on their next request, add any user who's roles change to this list, and check for this everywhere - but it seems to not be the cleanest way of doing it.
I also read that I could generate temporary tokens, but it wouldn't be ideal to log everyone out every 10 to 15 minutes if their roles haven't changed.
Does anyone have any advice that could help?
Thanks in advance.