There are a lot of interesting articles, tutorials and blog posts which describe authorization with roles and policies. Simple googling will help you to find among them, for example:
- Official ASP.NET Core documentation tutorial.
- Temi Lajumoke’s article about using custom user roles for ASP.NET Core.
- Juan Carlos Sanchez’s post.
But even after you'll read all of them, it's hard to get answers to the few questions:
- How to seed initial records of the users and roles to the database?
- How to restrict access to the page menu items for those users, who belongs only to special roles?
- And how to assign the new user to the default role?