How to migrate from framework system.web.security roles to a .netcore alternative

Question

We have several .net framework 4.8 applications that make use of system.web.security to add/remove/check roles held by system users. It is time for us to move some of these on to .net 6 (we will be using MVC).

As it stands, we have our own sql table of users, a user is linked to one profile held in a user profile table. The profile table has many bit fields for each permission. We use Windows Authentication, so no login is required.

We have an authorize attribute that checks to see if the user has been setup. During this process we use reflection to look at each property in the profile table (for the profile record linked to the logged in user) and then use AddUserToRole and RemoveUserFromRole to assign or revoke roles based on whether each property is true/false.

That updates a seperate db called aspnetdb via the sqlroleprovider connection string in the web config.

The process works ok, but I am sure is not a great fit to core.

What approach should I be taking to migrate this to .net core? Ideally I would not move from the principle of my existing user table and one user may have one profile. I need to be able to check if a user holds a role, both in a controller and also on a view.

Can anyone suggest what direction I should take from here please?