Asp.Net MVC - Authorize won't accept my user

Question

Update: Tried doing it with roles, same problem. I'm printing my roles at Manage/Index/ : It shows me I'm both SuperUser and Authorized User but I can't see the parts of my Razor Pages that are hidden in a @if (User.IsInRole("SuperUser")){ <html> }nor can I access controller actions that are protected with [Authorize(Roles = "AuthorizedUser")]

---

Trying to secure parts of my Asp.Net MVC using the built in Framework. I am using the Standard .NET Framework Multiple User Authentication Template for now.

I want users to be able to run most things except for the Admin stuff in SettingsController.

[Authorize(Users = @"admin@mycompany.com")]

Registered an account with that Email, copied what @User.Identity.Name returned in the Navbar and pasted it into the Authorize attribute as shown above.

However when I login and try to access the Controller I'm redirected to the log-in field just as if I hadn't been logged in at all. I tried it with and without the @ in front of the string, I tried it with only the "admin" part of the e-mail ... What exactly do I need to put into that string for it to work? Online examples usually only include simple names like so:

[Authorize(Users="Alice,Bob")]
public class RestrictedContentController : Controller
{
    . . .
}

The standard template however doesn't have a user name. User.Identity.Name returns the Email Adress ... What do I do?

Answer 1

Found the problem:

I hadn't defined the RoleManager. I just manually instanced a role and added it to the mapping table. Not sure why it didn't work but once I defined a Role Manager, loaded it through Owin Context, created the Role in the Role Manager and then Added it in the User manager I was able to access [authorize] controller functions.