Authentication of three different login forms in ASP.NET Core

Question

In my code, there are three login forms in three different areas, and I want authentication to be done in the three areas in such a way that it is referred to the login form specific to the area. I wrote the code in the startup, but I don't know what to write in the login function, please guide me. Thank you :)

codes in startup.cs

            services.AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            }).AddCookie("ProvinceArea", options =>
            {
                options.Cookie.Name = "ProvinceLevel";
                options.LoginPath = "/Plogin";
                options.LogoutPath = "/Plogout";
                options.ExpireTimeSpan = TimeSpan.FromDays(1);
                options.SlidingExpiration = true;
            }).AddCookie("CountyLevel", options =>
            {
                options.Cookie.Name = "CountyLevel";
                options.LoginPath = "/Clogin";
                options.LogoutPath = "/Clogout";
                options.ExpireTimeSpan = TimeSpan.FromDays(1);
                options.SlidingExpiration = true;
            }).AddCookie("DistrictLevel", options =>
            {
                options.Cookie.Name = "DistrictLevel";
                options.LoginPath = "/Dlogin";
                options.LogoutPath = "/Dlogout";
                options.ExpireTimeSpan = TimeSpan.FromDays(1);
                options.SlidingExpiration = true;
            });

Authentication in three areas named ProvinceArea, CountyArea and DistrictArea and reference to three logn forms specific to each area

Answer 1

In your pages that need authentication you need to use the Authorize attribute and specify the scheme for that area e.g.:

[Authorize(AuthenticationSchemes = "ProvinceArea")]
public class IndexModel : PageModel
{
    // ...
}

In your login handler use:

await HttpContext.SignInAsync(scheme, principal);

where scheme is "ProvinceArea" or "CountyLevel" or "DistrictLevel" for each login form. Example:

var claims = new List<Claim>
{
    new Claim(ClaimTypes.Name, "..."),
    new Claim("FullName", "..."),
    new Claim(ClaimTypes.Role, "Administrator"),
};

var claimsIdentity = new ClaimsIdentity(claims, "ProvinceArea");

await HttpContext.SignInAsync("ProvinceArea", new ClaimsPrincipal(claimsIdentity));

Also you should probably remove these lines:

options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;

because you don't have any authentication scheme with the name CookieAuthenticationDefaults.AuthenticationScheme (this is just a constant string). Your authentication schemes are "ProvinceArea", "CountyLevel" and "DistrictLevel".

Check Authorize with a specific scheme in ASP.NET Core and Create an authentication cookie.