I do an ASP .NET Core application, I have a controller that describes all administrative actions, only the admin can do these actions, i.e. i use roles

[Authorize(Roles = "Admin")]

If you go to the page by an unauthorized user - I am thrown on the login page, okay.

And if a regular user enters the admin panel and not an admin, then he is thrown onto a page with the URL AccessDenied?ReturnUrl=%2FAdmin%2FIndex contents of which Status Code: 404; Not Found Status Code: 404; Not Found

Is there any way to customize this page?

    2 answers 2

    In asp.net core 2.1, you can customize the display of the page / Identity / Account / AccessDenied

    enter image description here

    To do this, you need to select Add - New scaffloded item in the context menu of the project, select the identity item in the pop-up menu, and then indicate that you want to customize the Account \ AccessDenied page:

    enter image description here

    The default text of this page is as follows (you can correct it for the one you need):

     @page @model AccessDeniedModel @{ ViewData["Title"] = "Access denied"; } <header> <h1 class="text-danger">@ViewData["Title"]</h1> <p class="text-danger">You do not have access to this resource.</p> </header>
    • @AK, you did not understand me, or I have a poorly composed question. If the anonymous user logs in, then he, like you on the screen, throws it on the login and password input page. But if a user comes in who has entered a login and password, but does not fall under the role - Admin, then I encounter my problem - Dr.Russel
    • @AK, here, now what you need, AccessDenied is exactly what I was looking for, thanks) - Dr.Russel
    • @AK, my last comment was appropriate for the post, when you have not added the info about AccessDenied yet) - Dr.Russel

    There are methods for installing pages with status code:

     app.UseStatusCodePages(); app.UseStatusCodePages(Action<IApplicationBuilder>); app.UseStatusCodePages(Func<StatusCodeContext,Task>);

    Redirected:

     app.UseStatusCodePagesWithRedirects(string); app.UseStatusCodePagesWithReExecute(string with plaseholder, string);

    SOURCE, here with blackjack and examples!