CodeConCarne.EntityFrameworkCore.Auth 8.0.0

.NET 8.0 This package targets .NET 8.0. The package is compatible with this framework or higher. 
dotnet add package CodeConCarne.EntityFrameworkCore.Auth --version 8.0.0
                    


                    

                
NuGet\Install-Package CodeConCarne.EntityFrameworkCore.Auth -Version 8.0.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="CodeConCarne.EntityFrameworkCore.Auth" Version="8.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="CodeConCarne.EntityFrameworkCore.Auth" Version="8.0.0" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="CodeConCarne.EntityFrameworkCore.Auth" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add CodeConCarne.EntityFrameworkCore.Auth --version 8.0.0
                    


                    

                
#r "nuget: CodeConCarne.EntityFrameworkCore.Auth, 8.0.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package CodeConCarne.EntityFrameworkCore.Auth@8.0.0
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=CodeConCarne.EntityFrameworkCore.Auth&version=8.0.0
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=CodeConCarne.EntityFrameworkCore.Auth&version=8.0.0
                    


                            Install as a Cake Tool

What

CodeConCarne.EntityFrameworkCore.Auth adds role-based, table-level read and write authorization to EF Core.

Why

Pushing authorization down into EF Core unburdens developers from worrying about accidental privilege escalation in complex LINQ queries. This can be considered the primary authorization mechanism in an app built on EF Core. For example, in an ASP.NET Core Web app, service and endpoint authorization with [Authorize] can be considered a secondary layer of security and a performance optimization to short-circuit requests that would be rejected in EF Core.

How

Read authorization is performed by an IQueryCompiler that analyzes queries and extracts the authentication attributes from involved entity types. EF Core caches the function returned by the compiler so this analysis is only performed once for each query that EF Core recognizes as different. Write authorization is performed by an ISaveChangesInterceptor that extracts authentication attributes from entity types found in the change tracker and internally caches the attributes for each entity type.

The application service provider must provide an IPrincipalProvider.

services.AddScoped<IPrincipalProvider, AppPrincipalProvider>();
services.AddDbContext<AppDbContext>(options =>
{
	options.AddAuthorization();
	...
});

Authorization attributes are applied to entity types.

[AuthorizeRead] /* requires authentication */
[AuthorizeWrite(AppRoles.FooManager)] /* requires authorization */
public class Foo
{
	...
}

Limitations

Authorization is bypassed by RelationalDatabaseFacadeExtensions like ExecuteSql and RelationalQueryableExtensions like ExecuteDelete. If you use these in your application you'll need to guard them with traditional authorization mechanisms.

License

This project is licensed under the GNU Affero General Public License version 3.0 only. Commercial closed-source licensing is also available.

Contributing

To simplify licensing, bug reports and feature suggestions are preferred over code contributions. Any code contribution must include an assignment of copyright.

Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 was computed.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

  • net8.0

    • No dependencies.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
8.0.0 194 12/24/2025