Implementing A Role-Based Authentication and Authorization System With .NET 9 : A Case Study of HAMK Tech Research Unit’s FarmerApp Project
Quashigah, Edem (2025)
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
The permanent address of the publication is
https://urn.fi/URN:NBN:fi:amk-2025060621260
Abstract
The purpose of this thesis project is to facilitate the design and implementation of a secure role-based authentication and authorization system for an administrative portal that supports the ‘FarmerApp’ project developed by the HAMK Tech Research Unit. The research unit commissioned this thesis project in response to the limitations of the current command-line interface (CLI) based system, which restricts administrative access to developers and lacks usability for non-technical staff. The thesis sought to develop a backend solution that enables secure access for admin users, allowing them to manage user data stored in a PostgreSQL database.
While the long-term plan of the research unit includes integrating Azure Active Directory (Azure AD) for standard users, this thesis focusses solely on the implementation of a custom API-based authentication system for admin users. Role-based access control (RBAC) and session management with refresh tokens are also discussed as core features of the solution.
This is a practical thesis project. First, the central concepts related to authentication, authorization, secure password storage and token-based access control are explored through an extensive literature review. The thesis proceeds by documenting the development process of the backend using ASP.NET Core and Entity Framework Core. The research was done using the case study approach, supported by iterative development of each system component using Agile methodology. Data security mechanisms were applied through password hashing, JWT-based authentication and database integration with EF Core. Migrations were used to manage the database schema during development.
The research demonstrates that a custom role-based authentication system can be securely and efficiently implemented using modern web technologies. The solution met the commissioner’s requirements by enabling secure user registration, login and access restriction based on user roles. Based on the implementation and analysis, it can be inferred that the current backend forms a scalable and maintainable foundation for the future development of the ‘FarmerApp’ login portal. The HAMK Tech Research Unit responded positively to the prototype and considers it a valuable asset for upcoming phases of the project.
