Added built-in authorize

Example1.RazorApp.IndividualAccounts/Pages/AuthBuiltIn/LoggedInAuthorize.cshtml

@@ -0,0 +1,15 @@
+@page
+@model Example1.RazorApp.IndividualAccounts.Pages.AuthBuiltIn.LoggedInAuthorizeModel
+@{
+    ViewData["Title"] = "AuthBuiltIn.LoggedInConfigure";
+}
+
+<h3>AuthBuiltIn.LoggedInAuthorize</h3>
+<p>
+    If you add <code>[Authorize]</code> to the PageModel  in e.g.,
+</p>
+<pre><code>
+    [Authorize]
+    public class LoggedInAuthorizeModel : PageModel
+    {...
+</code></pre>

Example1.RazorApp.IndividualAccounts/Pages/AuthBuiltIn/LoggedInAuthorize.cshtml.cs

@@ -0,0 +1,18 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+
+namespace Example1.RazorApp.IndividualAccounts.Pages.AuthBuiltIn
+{
+    [Authorize]
+    public class LoggedInAuthorizeModel : PageModel
+    {
+        public void OnGet()
+        {
+        }
+    }
+}

Example1.RazorApp.IndividualAccounts/Pages/AuthBuiltIn/LoggedInConfigure.cshtml

@@ -0,0 +1,21 @@
+@page
+@model Example1.RazorApp.IndividualAccounts.Pages.AuthBuiltIn.LoggedInConfigureModel
+@{
+    ViewData["Title"] = "AuthBuiltIn.LoggedInConfigure";
+}
+
+<h3>AuthBuiltIn.LoggedInConfigure</h3>
+<p>
+    You can configure a razor page in the <code>Startup</code> to logged in e.g.,
+</p>
+<pre><code>
+    public void ConfigureServices(IServiceCollection services)
+    {
+        //... other code left out 
+
+        services.AddRazorPages(options =&gt;
+        {
+            options.Conventions.AuthorizePage("/AuthBuiltIn/LoggedInConfigure");
+        });
+     }
+</code></pre>

Example1.RazorApp.IndividualAccounts/Pages/AuthBuiltIn/LoggedInConfigure.cshtml.cs

@@ -0,0 +1,17 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+
+namespace Example1.RazorApp.IndividualAccounts.Pages.AuthBuiltIn
+{
+    public class LoggedInConfigureModel : PageModel
+    {
+        public void OnGet()
+        {
+        }
+    }
+}

Example1.RazorApp.IndividualAccounts/Pages/AuthBuiltIn/LoggedInUser.cshtml

@@ -0,0 +1,25 @@
+@page
+@model Example1.RazorApp.IndividualAccounts.Pages.AuthBuiltIn.LoggedInUserModel
+@{
+    ViewData["Title"] = "AuthBuiltIn.LoggedInUser";
+}
+
+<h3>AuthBuiltIn.LoggedInUser</h3>
+<p>
+    You can test whether a user is logged in using the <code>User</code> instance
+</p>
+<pre><code>
+    public class LoggedInUserModel : PageModel
+    {
+        public IActionResult OnGet()
+        {
+            if (User.Identity?.IsAuthenticated != true)
+                return Challenge();
+
+            return Page();
+        }
+    }
+</code></pre>
+
+<a class="nav-link text-primary" asp-area="" asp-page="/Index">Back to home page</a>
+

Example1.RazorApp.IndividualAccounts/Pages/AuthBuiltIn/LoggedInUser.cshtml.cs

@@ -0,0 +1,21 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+
+namespace Example1.RazorApp.IndividualAccounts.Pages.AuthBuiltIn
+{
+    public class LoggedInUserModel : PageModel
+    {
+        public IActionResult OnGet()
+        {
+            if (User.Identity?.IsAuthenticated != true)
+                return Challenge();
+
+            return Page();
+        }
+    }
+}

Example1.RazorApp.IndividualAccounts/Pages/AuthBuiltIn/Public.cshtml

@@ -0,0 +1,13 @@
+@page
+@model Example1.RazorApp.IndividualAccounts.Pages.AuthBuiltIn.PublicModel
+@{
+    ViewData["Title"] = "AuthBuiltIn.Public";
+}
+
+<h3>AuthBuiltIn.Public</h3>
+<p>
+    A normal razor page is, by default, public 
+</p>
+
+<a class="nav-link text-primary" asp-area="" asp-page="/Index">Back to home page</a>
+

Example1.RazorApp.IndividualAccounts/Pages/AuthBuiltIn/Public.cshtml.cs

@@ -0,0 +1,16 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+
+namespace Example1.RazorApp.IndividualAccounts.Pages.AuthBuiltIn
+{
+    public class PublicModel : PageModel
+    {
+        public void OnGet()
+        {
+        }
+    }
+}

Example1.RazorApp.IndividualAccounts/Pages/AuthBuiltIn/UserRoles.cshtml

@@ -0,0 +1,18 @@
+@page
+@model Example1.RazorApp.IndividualAccounts.Pages.AuthBuiltIn.PublicModel
+@{
+    ViewData["Title"] = "AuthBuiltIn.LoggedInAttribute";
+}
+
+<h3>AuthBuiltIn.LoggedInAttribute</h3>
+<p>
+    By adding <code>[Authorize]</code> to the razor page model means you can only access it if you are logged in e.g.,
+</p>
+<pre><code>
+    [Authorize]
+    public class LoggedInAttributeModel : PageModel
+    {...
+</code></pre>
+
+<a class="nav-link text-primary" asp-area="" asp-page="/Index">Back to home page</a>
+

Example1.RazorApp.IndividualAccounts/Pages/Index.cshtml

@@ -4,7 +4,66 @@
     ViewData["Title"] = "Home page";
 }
 
-<div class="text-center">
-    <h1 class="display-4">Welcome</h1>
-    <p>Learn about <a href="https://docs.microsoft.com/aspnet/core">building Web apps with ASP.NET Core</a>.</p>
-</div>
+<h3>Welcome to example 1 of using the AuthPermissions library</h3>
+<p>
+    This example shows how to manage authorization in an <strong>ASP.NET Core razor pages</strong> web application
+    use both the in-built ASP.NET Core authorization features and then using the AuthPermissions library.
+    <br/>
+    See <a href="https://docs.microsoft.com/en-us/aspnet/core/security/authorization/secure-data">
+        ASP.NET Core documentation on building razor page web app individual accounts authorization
+    </a>.
+</p>
+<p>
+    To test these authorization features you will need some users to log in. Here are the various users and what they can do
+</p>
+<ul>
+    <li>coming soon!</li>
+</ul>
+
+<br/>
+
+<p><strong>Click the links to see what happens</strong></p>
+<table class="table">
+    <thead>
+    <tr>
+        <th>Link to razor page</th>
+        <th>Access</th>
+        <th>Auth type</th>
+    </tr>
+    </thead>
+    <tbody>
+    <tr>
+        <td>
+            <a class="nav-link text-primary" asp-area="" asp-page="/AuthBuiltIn/Public">Public page</a>
+        </td>
+        <td>Anyone</td>
+        <td>default</td>
+    </tr>
+    <tr>
+        <td>
+            <a class="nav-link text-primary" asp-area="" asp-page="/AuthBuiltIn/LoggedInConfigure">Logged in page</a>
+        </td>
+        <td>Must be logged in</td>
+        <td>
+            <code>Configure</code>
+        </td>
+    </tr>
+    <tr>
+        <td>
+            <a class="nav-link text-primary" asp-area="" asp-page="/AuthBuiltIn/LoggedInAuthorize">Logged in page</a>
+        </td>
+        <td>Must be logged in</td>
+        <td>
+            <code>[Authorize]</code>
+        </td>
+    </tr>
+    <tr>
+        <td>
+            <a class="nav-link text-primary" asp-area="" asp-page="/AuthBuiltIn/LoggedInUser">Logged in page</a>
+        </td>
+        <td>Must be logged in</td>
+        <td>Test <code>User</code> instance</td>
+    </tr>
+
+    </tbody>
+</table>

Example1.RazorApp.IndividualAccounts/README.md

@@ -0,0 +1,23 @@
+# Example1.RazorApp.IndividualAccounts
+
+This project contains a example of using the AuthPermissions.AspNetCore library in ASP.NET Core razor page web app with user data provided by the individual accounts approach. This is one of the simplest approaches using:
+
+- **Application**: ASP.NET Core, Razor Pages
+- **App type**: Single instance with one database.
+- **Database type**: SQL Server (localdb for testing)
+- **Users**: ASP.NET Core's individual accounts
+- **Roles**: ASP.NET Core's individual accounts
+- **AuthenticationType**: Cookie
+
+The ASP.NET Core code comes comes from the [ASP.NET Core documentation on building razor page web app individual accounts authorization](https://docs.microsoft.com/en-us/aspnet/core/security/authorization/secure-data), but the handling of the visibilty of the contact manager features are handled by the AuthPermissions.AspNetCore library.
+
+The AuthPermissions.AspNetCore code/features used in this example
+
+- Mapping the user's Roles to Permissions (read this doc).
+- Authorization in razor pages via the `IsAuthorized(<enum permission>)` method.
+- UserId data key, plus permissions.
+- Add SuperUser on startup feature.
+- Admin page to alter the permissions in each role.
+
+*NOTE: [This article](https://blog.francium.tech/asp-net-core-basic-authentication-authorization-in-razor-pages-with-postgresql-b1f2888b21d0) provides a good overview of the statndard ASP.NET Core authorization approaches.*
+

Example1.RazorApp.IndividualAccounts/Startup.cs

@@ -12,6 +12,7 @@
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
 
 namespace Example1.RazorApp.IndividualAccounts
 {
@@ -33,8 +34,12 @@ public void ConfigureServices(IServiceCollection services)
             services.AddDatabaseDeveloperPageExceptionFilter();
             services.AddDefaultIdentity<IdentityUser>(
                     options => options.SignIn.RequireConfirmedAccount = false)
+                .AddRoles<IdentityRole>()
                 .AddEntityFrameworkStores<ApplicationDbContext>();
-            services.AddRazorPages();
+            services.AddRazorPages(options =>
+            {
+                options.Conventions.AuthorizePage("/AuthBuiltIn/LoggedInConfigure");
+            });
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.

Example1.RazorApp.IndividualAccounts/appsettings.json

@@ -1,6 +1,6 @@
 {
   "ConnectionStrings": {
-    "DefaultConnection": "Server=(localdb)\\mssqllocaldb;Database=aspnet-Example1.RazorApp.IndividualAccounts-53bc9b9d-9d6a-45d4-8429-2a2761773502;Trusted_Connection=True;MultipleActiveResultSets=true"
+    "DefaultConnection": "Server=(localdb)\\mssqllocaldb;Database=aspnet-Example1.RazorPages.IndividualAccounts;Trusted_Connection=True;MultipleActiveResultSets=true"
   },
   "Logging": {
     "LogLevel": {