So i am new to Asp.net Core and i want to implement custom authorization layer so i can use Authorize attributes to check for roles. Here is my what i want to achieve.
In my application i do not want to store any user information, instead i will get the user details in session by authenticating that user in an external system and will be provided to me in the session.
I want to store user details from session into local user object in the application which will also have role information. What would be the best way to implement this functionality?
I am not sure how do i set the values coming from the session and then how to create an Authorize or Policy attribute that i can use across my controllers and views to hide/show some features in my application.
Please provide me some examples to get better understanding