Aspnetcore: Authentication for serverside blazor
I've read this: https://github.com/aspnet/Blazor/issues/1449
and this: https://github.com/aspnet/Blazor/issues/698
And still have some questions.
The last option (of 1449) kind of defeats the purpose of SS blazor in my opinion. This way you are losing lots of the benefits. (creating a API surface and client), but that will work.
And the first option can only be used to control access to the whole application, right? Not to identify users in the components code.
For instance, I would like to be able to use:
Thread.CurrentPrincipal
in my components, but enabling authentication(in the server part) does not provide this (always null). I kind of understand why.. the SignalR stuff bypasses everything of the default stack, and provides no auth bearer or something, I guess?
In my opinion being able to use a principal in serverside blazor essential for enterprise applications.
Am I missing something? Or is this not possible yet? And is my scenario covered by 698?
Thanks
floreseken
All 13 comments
@floreseken, You can use IHttpContextAccessor to send the current HttpContext to blazor.Client.
cores-system
on 12 Oct 2018
blazor.Sever to Startup.cs
public void ConfigureServices(IServiceCollection services)
{
services.AddServerSideBlazor<Client.Startup>();
// HttpContextAccessor
services.AddHttpContextAccessor();
services.AddScoped<HttpContextAccessor>();
}
blazor.Shared
public class HttpContextAccessor
{
private readonly IHttpContextAccessor _httpContextAccessor;
public HttpContextAccessor(IHttpContextAccessor httpContextAccessor)
{
_httpContextAccessor = httpContextAccessor;
}
public HttpContext Context => _httpContextAccessor.HttpContext;
}
blazor.Client to App.cshtml
@inject blazor.Shared.HttpContextAccessor HttpContext
<Router AppAssembly=typeof(Program).Assembly />
@functions
{
protected override void OnInit()
{
HttpContext.Context.Request.Cookies.**
// Or data passed through middleware in blazor.Server
HttpContext.Context.Features.Get<T>()
}
}
1) In blazor.Shared you will need to add the package Microsoft.AspNetCore.Http via nuget
2) @inject HttpContextAccessor HttpContext can be used in any .cshtml or .cs file blazor.Client
cores-system
on 12 Oct 2018
Also see a GitHub example at: https://github.com/SQL-MisterMagoo/BlazorTest
ADefWebserver
on 12 Oct 2018
it worked for me !!!
carlosalcantara2668
on 13 Oct 2018
@cores-system , @floreseken ,
it worked for me !!!,
I have access to all the methods of the object.
carlosalcantara2668
on 13 Oct 2018
@carlosalcantara2668, I'm glad I helped )
cores-system
on 13 Oct 2018
I was wondering if it would be possible to use [Authorize] in Blazor 0.6.0 Server-side. Something like :
In FetchData.cshtml
@using RC.App.Services
**@[Authorize]**
@page "/fetchdata"
@inject WeatherForecastService ForecastService
Thanks for the great .net core stuff guys!
roboriaan
on 15 Oct 2018
I think we have several issues open at this point tracking the need for guidance and support for authentication and authorization, so I'm going to close this one as a duplicate of aspnet/AspNetCore#5472.
danroth27
on 15 Oct 2018
I created a sample and a Blog post using the code provided above: A Demonstration of Simple Server-side Blazor Cookie Authentication
ADefWebserver
on 4 Nov 2018
rakkarage
on 15 May 2019
peteralbanese
on 4 Aug 2019
travisneale
Related issues
guardrex
路
3Comments
TanvirArjel
路
3Comments
Pixel-Lord
路
3Comments
Kevenvz
路
3Comments
ipinak
路
3Comments
Most helpful comment
blazor.Sever to Startup.cs
blazor.Shared
blazor.Client to App.cshtml