December 2019
Intermediate to advanced
598 pages
12h 21m
English
At the moment, any authenticated user can update or delete questions. We are going to implement and use a custom authorization policy and use it to enforce that only the author of the question can do these operations. Let's carry out the following steps:
using Microsoft.AspNetCore.Http;using Microsoft.AspNetCore.Authorization;using QandA.Authorization;
Note that the reference to the QandA.Authorization namespace doesn't exist yet. We'll implement this in a later step.