I wonder if somebody here could help point me in the right direction?

I'm new to Angular and SPAs in general. I am currently writing an app that should use a user's windows credentials (from Active Directory) to authenticate them automatically.

My Application was set up in Visual Studio 2017 as an ASP.NET Core Web Application and using the "Angular" template which scaffolds an Angular 5 Client App into that same project.

I have managed to get windows Authentication working by using the imported NuGet package Microsoft.AspNetCore.Authentication and adding the line below to the ConfigureServices section of my Startup.cs

services.AddAuthentication(Microsoft.AspNetCore.Server.IISIntegration.IISDefaults.AuthenticationScheme); 

My Get and Post controllers work just fine and I am able to see a user's network credentials by looking at User.Identity.Name within any of my controller methods.

Now I would like to implement some sort of role based authentication system but I've got no idea where to start. I would like to be able to add an Attribute to a controller function which specifies the allowed roles (example below):

[Authorize(Roles = "Admin")] [HttpGet("[action]/{id}")] public User GetUser([FromRoute] int id) { UserLogic ul = new UserLogic(); return ul.GetUser(id); } 

If I was doing this in an MVC project, I would just implement a RoleProvider and then specify in my web.config that I want it used as the default provider - but there is no web.config for ASP.NET Core Web Applications.

How do I go about specifying my own role provider so that tags like this [Authorize(Roles = "Admin")] can be routed through to them?

I'd prefer to keep my own database tables containing users and roles and I'd prefer to be able to perform role authorization using my own data access layer.

Can anyone point me in the right direction?