Permissions are sometimes broken, Require Attribute not allowing anything

[Masterjun3]

Anyone who logs out and back in can't make e.g. Posts or Topics.

This seems to be the cause eac610fe9734671064897641fd7e2b192552a614 . Sometimes I can post, sometimes I can't, I can't figure out when this happens.

Via code debugging it seems sometimes the user claims simply don't include the permissions.

[Masterjun3]

Okay, I figured out what could be the problem:

When logging in, we first execute aspnetcore's login (which sets the cookie), and then we add our claims. However, according to internet search, we have to add the claims before logging in. That, or we have to refresh the login immediately afterwards using RefreshSignInAsync, but that feels weird.

So what we can do is this:

• Instead of using PasswordSignInAsync to sign in, we split it up:
• First use CheckPasswordSignInAsync to only check if the entered data is correct,
• If successful, we do our Claims thing (I think we clear and reload them), and finally do the aspnetcore login using SignInWithClaimsAsync, which, guess what, allows us to specify custom claims!